PT-2026-3720

Name of the Vulnerable Software and Affected Versions Oracle FLEXCUBE Investor Servicing versions 14.5.0.15.0 through 14.8.0.1.0 Description A security issue exists within the Security Management System component of the Oracle FLEXCUBE Investor Servicing product. A low-privileged attacker with...

EUVD-2023-41142

Malicious code in bioql PyPI...

EUVD-2022-15437

Malicious code in bioql PyPI...

WordPress Wonder Slider plugin <= 14.4 - Authenticated (Contributor+) Dom-based Stored Cross-Site Scripting

Authenticated Contributor+ Dom-based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Wonder Slider versions = 14.4...

CVE-2021-39947

In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of several jobs...

CVE-2022-0244

An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible by importing a group was due to incorrect handling of file...

PT-2024-22061 · Apple · Macos Sonoma +1

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.5 Description: The issue allows an app to potentially elevate privileges. It was addressed by removing the vulnerable code. Recommendations: For macOS Sonoma versions prior to 14.5, update to version 14.5 to...

PT-2024-22062 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.5 Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue allows an app to bypass certain Privacy preferences. Recommendations: For...

XWiki 14.0-rc-1 < 14.4.8, 14.5 < 14.10.4 Privilege Escalation Vulnerability (GHSA-rwwx-6572-mp29)

Xwiki is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescripti...

CVE-2023-22125

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 14.5-14.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2023-37222 Farsight Tech Nordic AB ProVide

Farsight Tech Nordic AB ProVide version 14.5 - Multiple XSS vulnerabilities CWE-79 can be exploited by a user with administrator privilege...

PT-2023-25841 · Farsight Tech Nordic Ab · Provide

Name of the Vulnerable Software and Affected Versions: Farsight Tech Nordic AB ProVide version 14.5 Description: Multiple XSS vulnerabilities can be exploited by a user with administrator privilege. Recommendations: For version 14.5, consider disabling access to administrator privileges until a...

Vastgota-data ProVide Cross-Site Scripting Vulnerability

Vastgota-data ProVide is a file transfer server with a graphical user interface from the Swedish company Vastgota-data. A cross-site scripting vulnerability exists in Vastgota-data ProVide now Farsight Tech Nordic AB ProVide version 14.5, which can be exploited by an attacker to inject malicious...

XWiki 2.5-milestone-2 < 13.10.11, 14.0-rc-1 < 14.4.8, 14.5 < 14.10.1 Information Disclosure Vulnerability (GHSA-m3c3-9qj7-7xmx)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 7.0-rc-1 < 14.4.8, 14.5 < 14.10.4 Code Injection Vulnerability (GHSA-h4vp-69r8-gvjg)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

XWiki 6.0-rc-1 < 13.10.10, 14.0-rc-1 < 14.4.4, 14.5 < 14.8 Open Redirect Vulnerability (GHSA-xwph-x6xj-wggv)

Xwiki is prone to an open redirect vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

XWiki 10.11.1 < 13.10.11, 14.0-rc-1 < 14.4.8, 14.5 < 14.10.3 Privilege Escalation Vulnerability (GHSA-gpq5-7p34-vqx5)

Xwiki is prone to an privilege escalation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 1.2-milestone-1 < 13.10.11, 14.x < 14.4.7, 14.5.x < 14.10 Information Disclosure Vulnerability (GHSA-4f8g-fq6x-jqrr)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 13.9-rc-1 < 13.10.8, 14.x < 14.4.3, 14.5.x < 14.7 Information Disclosure Vulnerability (GHSA-vvp7-r422-rx83)

Xwiki is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

XWiki 10.9 < 13.10.11, 14.x < 14.4.7, 14.5.x < 14.10 Code Injection Vulnerability (GHSA-9pc2-x9qf-7j2q)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...