EUVD-2022-51843

Malicious code in bioql PyPI...

EUVD-2022-52034

Malicious code in bioql PyPI...

EUVD-2022-51946

Malicious code in bioql PyPI...

CVE-2022-4502

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2...

CVE-2022-4733 Cross-site Scripting (XSS) - Stored in openemr/openemr

Cross-site Scripting XSS - Stored in GitHub repository openemr/openemr prior to 7.0.0.2...

OpenEMR < 7.0.0.2 Multiple Vulnerabilities

OpenEMR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr"; ifdescription...

CVE-2022-4504 Improper Input Validation in openemr/openemr

Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2...

PT-2022-27392 · Openemr · Openemr

Name of the Vulnerable Software and Affected Versions: openemr versions prior to 7.0.0.2 Description: The issue concerns an Authorization Bypass Through User-Controlled Key and Improper Access Control in the openemr repository. Recommendations: For versions prior to 7.0.0.2, update to version...

CVE-2022-4506 Unrestricted Upload of File with Dangerous Type in openemr/openemr

Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2...

CVE-2022-4502 Cross-site Scripting (XSS) - Reflected in openemr/openemr

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2...

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Open Source vulnerabilities

Summary IBM WebSphere Cast Iron Solution & App Connect Professional has addressed the open source vulnerabilities. Vulnerability Details CVEID: CVE-2019-12749 DESCRIPTION: dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu...

CVE-2019-7422

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter...

ZOHO ManageEngine Netflow Analyzer Path Traversal Vulnerability

ZOHO ManageEngine Netflow Analyzer is a set of Web-based bandwidth monitoring tools from ZOHO. The product is mainly used for bandwidth monitoring and traffic analysis. A path traversal vulnerability exists in /netflow/servlet/CReportPDFServlet in ZOHO ManageEngine Netflow Analyzer Professional...

ZOHO ManageEngine Netflow Analyzer Cross-Site Scripting Vulnerability (CNVD-2019-32076)

ZOHO ManageEngine Netflow Analyzer is a set of Web-based bandwidth monitoring tools from ZOHO. The product is mainly used for bandwidth monitoring and traffic analysis. A cross-site scripting vulnerability exists in the /netflow/jspui/popup1.jsp file in ZOHO ManageEngine Netflow Analyzer...

Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting

Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting !-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manage...

CVE-2014-4760

Open redirect vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 before 8.0.0.1 CF13, and 8.5.0 before CF01 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted...