Security Bulletin: protobuf-java - CVE-2022-3171 fixed in Cloudera Data Platform Private Cloud Base 7.1.9

Summary Security Bulletin: protobuf-java - CVE-2022-3171 fixed in Cloudera Data Platform Private Cloud Base 7.1.9 Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to ...

EUVD-2016-5318

Malware in sbrugna...

CVE-2025-34115

An authenticated command injection vulnerability exists in OP5 Monitor through version 7.1.9 via the 'cmdstr' parameter in the commandtest.php endpoint. A user with access to the web interface can exploit the 'Test this command' feature to execute arbitrary shell commands as the unprivileged web...

Malicious code in eslint-plugin-add-display-name (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8efa7275ffd4613db923c31dba516fc3434fb3fecb4ccfbd1e1cb929399a6b02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress plugin WPC Frequently Bought Together for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin WPC Frequently Bought Togeth...

Atlassian Jira < 7.1.9 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to . It is, therefore, affected by multiple vulnerabilities: - A vulnerability in the /auditing/settings endpoint, which permits attackers to perform Cross Site Request Forgery...

WordPress plugin WPDating SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...

Atlassian Jira < 7.1.9 Role Name XSS (JRASERVER-61861)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.1.9. It is, therefore, affected by a persistent cross-site scripting XSS vulnerability in the /project/ViewDefaultProjectRoleActors.jspa resource, due to improper validation...

Design/Logic Flaw

There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions...

WordPress WP Spell Check plugin <= 7.1.9 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Takuya Yamaguchi in WordPress WP Spell Check plugin versions = 7.1.9. Solution Update the WordPress WP Spell Check plugin to the latest available version at least 7.1.10...