6 matches found
SQL Injection
Overview: Affected versions of this package are vulnerable to SQL Injection via the Visible name field during the autoremoval process. An attacker can execute arbitrary SQL commands by injecting malicious input into this field. Remediation: Upgrade zabbix/zabbix to version 6.0.34, 6.4.19, 7.0.4 or...
Advisory ROSA-SA-2025-2773
Software: zabbix 6.0.34; OS: ROSA Virtualization 3.0; packageevrstring: zabbix-6.0.34-2.rv30; CVE-ID: CVE-2024-22114; BDU-ID: 2025-00959; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability in the Zabbix Universal Monitoring System is related to improper saving of permissions. Exploitation of the vulnerabilit...
CVE-2024-23793
The file upload feature in OTRS and OTRS Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl...
Security update for trytond (moderate)
openSUSE Security Update: Security update for trytond; Announcement ID: openSUSE-SU-2023:0209-1; Rating: moderate; References: 1213869; Affected Products: openSUSE Backports SLE-15-SP5. An update that contains security fixes can now be installed. Description: This update for trytond fixes the followin...
UBUNTU-CVE-2023-1248
Improper Input Validation vulnerability in OTRS AG OTRS Ticket Actions modules, OTRS AG OTRS Community Edition Ticket Actions modules allows Cross-Site Scripting (XSS). This issue affects OTRS: from 7.0.X before 7.0.42; OTRS Community Edition: from 6.0.1 through 6.0.34...
Input validation
Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG OTRS Community Edition allows SQL Injection via TicketSearch Webservice. This issue affects OTRS: from 7.0.1 before 7.0.40 Patch 1, from 8.0.1 before 8.0.28 Patch 1; OTRS Community Edition: from 6.0.1 through 6.0.34...