54 matches found

RedhatCVE
added 2026/01/09 11:27 a.m. · 5 views

CVE-2021-33024

Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but it uses an insecure method susceptible to unauthorized interception and/or retrieval...

7.5 CVSS · 7.1 AI score · 0.00183 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2021-9397

Malicious code in bioql PyPI...

4.3 CVSS · 4.7 AI score · 0.00218 EPSS
Exploits 1 · References 3
Tenable Nessus
added 2025/09/10 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-5766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Libav through 12.2, there is an invalid memcpy in the avpacketref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to...

8.8 CVSS · 7.7 AI score · 0.00773 EPSS
Exploits 1 · References 2
RedhatCVE
added 2025/05/23 4:54 a.m. · 7 views

CVE-2023-2030

An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which an attacker could potentially modify the metadata of signed commits...

5.3 CVSS · 6.4 AI score · 0.00045 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 3:43 a.m. · 5 views

CVE-2023-30544

Kiwi TCMS is an open source test management system. In versions of Kiwi TCMS prior to 12.2, users were able to update their email addresses via the My profile admin page. This page allowed them to change the email address registered with their account without the ownership verification performed...

4.3 CVSS · 6.7 AI score · 0.0015 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 11:2 p.m. · 3 views

CVE-2022-33755

CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to potentially enumerate users...

5.3 CVSS · 7 AI score · 0.00212 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2024/07/03 12:0 a.m. · 7 views

SUSE Linux Enterprise For SAP SEoL (12.2.x)

According to its version, SUSE Linux Enterprise For SAP is 12.2.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

7.4 AI score
Exploits 0 · References 1
OSV
added 2024/03/06 11:19 a.m. · 13 views

BIT-GITLAB-2021-22249

A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private email address of a user invited to a group...

4.3 CVSS · 4 AI score · 0.00274 EPSS
Exploits 0 · References 4
CNVD
added 2023/04/27 12:0 a.m. · 7 views

Kiwi TCMS Operating System Command Injection Vulnerability

Kiwi TCMS is a leading open source test management system for manual and automated testing. An operating system command injection vulnerability exists in versions of Kiwi TCMS prior to 12.2 that stems from the use of untrusted fields and can be exploited by an attacker to...

8.8 CVSS · 7.3 AI score · 0.12856 EPSS
Exploits 1 · References 1
OSV
added 2023/04/24 10:44 p.m. · 18 views

GHSA-FWCF-753V-FGCJ Unrestricted file upload in kiwi TCMS

Impact: Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. In earlier versions there is no control over what kinds of files can be uploaded. Thus a malicious actor may upload an .exe file or a file containing embedded JavaScript and trick others into clicking on these fil...

7.7 CVSS · 8.8 AI score · 0.00694 EPSS
Exploits 1 · References 6
Github Security Blog
added 2023/04/24 4:46 p.m. · 24 views

kiwi TCMS has possibility for user to update email address to unverified one

Impact: In previous versions of Kiwi TCMS users were able to update their email addresses via the "My profile" admin page. This page allowed them to change the email address registered with their account without the ownership verification performed during account registration. Patches: With Kiwi TC...

4.3 CVSS · 6.1 AI score · 0.0015 EPSS
Exploits 0 · References 5 · Affected Software 1
Vulnrichment
added 2023/04/24 4:29 p.m. · 8 views

CVE-2023-30613 Kiwi TCMS unrestricted file upload vulnerability

Kiwi TCMS, an open source test management system, allows users to upload attachments to test plans, test cases, etc. In versions of Kiwi TCMS prior to 12.2, there is no control over what kinds of files can be uploaded. Thus, a malicious actor may upload an .exe file or a file containing embedded...

8.1 CVSS · 6.4 AI score · 0.00694 EPSS
Exploits 1 · References 3
Vulnrichment
added 2023/04/24 4:26 p.m. · 5 views

CVE-2023-30544 Kiwi TCMS may allow user to update email address to unverified one

Kiwi TCMS is an open source test management system. In versions of Kiwi TCMS prior to 12.2, users were able to update their email addresses via the My profile admin page. This page allowed them to change the email address registered with their account without the ownership verification performed...

3.9 CVSS · 6.7 AI score · 0.0015 EPSS
Exploits 0 · References 3
CNNVD
added 2023/04/24 12:0 a.m. · 1 view

Kiwi TCMS Operating System Command Injection Vulnerability

Kiwi TCMS is a leading open source test management system for manual and automated testing. An operating system command injection vulnerability exists in versions of Kiwi TCMS prior to 12.2 that stems from the use of untrusted fields and can be exploited by an attacker to...

8.8 CVSS · 7.6 AI score · 0.12856 EPSS
Exploits 1 · References 6
Positive Technologies
added 2023/04/24 12:0 a.m. · 2 views

PT-2023-22771 · Kiwi Tcms · Kiwi Tcms

Name of the Vulnerable Software and Affected Versions: Kiwi TCMS versions prior to 12.2 Description: Kiwi TCMS is an open source test management system. In versions prior to 12.2, users were able to update their email addresses via the My profile admin page without the ownership verification...

4.3 CVSS · 4.5 AI score · 0.0015 EPSS
Exploits 0 · References 10
CNNVD
added 2023/02/13 12:0 a.m. · 2 views

WordPress plugin WP Review Slider SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

8.8 CVSS · 8.1 AI score · 0.007 EPSS
Exploits 2 · References 2
Positive Technologies
added 2022/12/21 12:0 a.m. · 2 views

PT-2022-27935 · Roxio · Roxio Creator Ljb

Name of the Vulnerable Software and Affected Versions: Roxio Creator LJB version 12.2 build number 106B62B Roxio Creator LJB version 12.2 build number 106B63A Roxio Creator LJB version 12.2 build number 106B69A Roxio Creator LJB version 12.2 build number 106B71A Roxio Creator LJB version 12.2 bui...

6.7 CVSS · 6.4 AI score · 0.00072 EPSS
Exploits 0 · References 5
OpenVAS
added 2022/07/07 12:0 a.m. · 12 views

GitLab 12.2.x < 14.10.5, 15.0.x < 15.0.4, 15.1.x < 15.1.1 Access Control Vulnerability

GitLab is prone to an access control vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if descriptio...

3.5 CVSS · 4.3 AI score · 0.00181 EPSS
Exploits 0 · References 1
ATTACKERKB
added 2022/07/01 5:15 p.m. · 1 view

CVE-2022-1981

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

3.5 CVSS · 5.7 AI score · 0.00181 EPSS
Exploits 0 · References 4 · Affected Software 1
Prion
added 2022/07/01 5:15 p.m. · 18 views

Information disclosure

An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. In GitLab, if a group enables the setting to restrict access to users belonging to specific domains, that allow-list may be bypassed if a Maintaine...

3.5 CVSS · 3.8 AI score · 0.00181 EPSS
Exploits 0 · References 3 · Affected Software 1