BIT-JAVA-2022-39399
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerabilit...
EUVD-2023-54617
Malicious code in bioql PyPI...
EUVD-2022-5055
Malicious code in bioql PyPI...
GHSA-XJHF-7833-3PM5 Volto affected by possible DoS by invoking specific URL by anonymous user
Impact: When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. Patches: The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your...
CVE-2024-8637
Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Fedoraproject Fedora SEoL (19.x)
According to its version, Fedoraproject Fedora is 19.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
CVE-2024-37764
MachForm up to version 19 is affected by an authenticated stored cross-site scripting...
CVE-2024-37763
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions who can view compiled forms results...
CVE-2024-37765
MachForm up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page...
CVE-2024-37764
CVE-2024-37764 affects MachForm up to version 19 with an authenticated stored cross-site scripting vulnerability. The issue is triggered by input that is stored and later rendered in web pages (no exploitation details provided in the documents). Remediation: upgrade MachForm to version 20 or late...
CVE-2024-37763
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting vulnerability that can impact users with valid sessions who view compiled forms results. The issue is documented across multiple sources (NVD/Red Hat/CVE listings and third-party advisories) with no public exp...
PT-2024-26968 · Vantiva · Mediaaccess Dga2232
Name of the Vulnerable Software and Affected Versions: Vantiva - MediaAccess DGA2232 version 19.4 Description: The issue is related to improper neutralization of input during web page generation, which can lead to cross-site scripting. Recommendations: For version 19.4, update to a newer version...
Path traversal
An uncontrolled search path element vulnerability has been found in 4D and 4D Server Windows executable applications, affecting version 19 R8 100218. This vulnerability consists of DLL hijacking by replacing the x64 shfolder.dll in the installation path, causing arbitrary code execution...
OESA-2022-2155 openjdk-11 security update
The OpenJDK runtime environment. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition...
CVE-2022-38163
A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. A drag and drop operation by the user on the address bar could lead to spoofing of the address bar...
CVE-2022-29082
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x, 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x, 19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in RabbitMQ port 5671 which could allow remote...