Dell PowerScale OneFS 9.4.0.0 <= 9.10.1.0 / 9.7 < 9.7.1.8 DoS

The version of Dell PowerScale OneFS running on the remote host is affected by contains an out-of-bounds write flaw. A local low privileged attacker could potentially exploit this, leading to denial of service. Note that Nessus has not tested for this issue but has instead relied only on the...

EUVD-2019-11354

Malware in sbrugna...

EUVD-2022-30422

Malicious code in bioql PyPI...

CVE-2019-20818

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption because data is created for each page of an application level...

CVE-2024-1969

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Secomea GateManager webserver modules allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033...

PT-2024-17506 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.7.x through 9.7.5 Mattermost versions 9.8.x through 9.8.2 Mattermost versions 9.9.x through 9.9.2 Description: The issue arises from the failure to properly propagate permission scheme updates across cluster nodes. This...

PT-2024-34193 · Unknown · Wpsoul Greenshift

Name of the Vulnerable Software and Affected Versions: Wpsoul Greenshift – animation and page builder blocks versions 9.7 and earlier Description: The issue is related to Incorrect Authorization, allowing exploitation due to incorrectly configured access control security levels. Recommendations:...

BIT-MATTERMOST-2024-41144

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to properly validate synced posts, when shared channels are enabled, which allows a malicious remote to create/update/delete arbitrary posts in arbitrary channels...

GHSA-JR9X-3X7M-4J75 Mattermost allows a remote actor to make an arbitrary local channel read-only

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5 and 9.8.x = 9.8.1 fail to disallow the modification of local channels by a remote, when shared channels are enabled, which allows a malicious remote to make an arbitrary local channel read-only...

Mattermost allows a user on a remote to set their remote username prop to an arbitrary string

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to disallow users to set their own remote username, when shared channels were enabled, which allows a user on a remote to set their remote username prop to an arbitrary string, which would be then synced to the...

CVE-2024-41162 Malicious remote can make an arbitrary local channel read-only

Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5 and 9.8.x = 9.8.1 fail to disallow the modification of local channels by a remote, when shared channels are enabled, which allows a malicious remote to make an arbitrary local channel read-only...

CVE-2024-39839

Mattermost server vulnerability CVE-2024-39839 affects Mattermost versions 9.9.x &lt;= 9.9.0, 9.5.x &lt;= 9.5.6, 9.7.x &lt;= 9.7.5, 9.8.x

CVE-2024-5270

Mattermost vulnerable in multiple tracked versions (8.1.x &lt;= 8.1.12; 9.5.x &lt;= 9.5.3; 9.6.x &lt;= 9.6.1; 9.7.x email switch. Impact: improper access control for authentication method and related data. Mitigation: upgrade to versions later than the listed fixed versions (as documented in PT-2...

CVE-2024-1969

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Secomea GateManager webserver modules allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033...

Security Bulletin: IBM SDK, Java Technology Edition, Security Update February 2024

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, 8 that is used by Rational Application Developer®. These issues were disclosed as part of the IBM Java SDK updates up to February 2024. IBM 8 SR8 FP20 1.8.0401. Vulnerability Details CVEID:CVE-2023-22067 DESCRIPTION:...

Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Business Developer. Rational Business Developer has provided a fix for the applicable CVE. These issues were disclosed as part of the IBM Java SDK and...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2022 - Includes Oracle October 2022 CPU and IBM Java - OpenJ9 CVE-2022-3676

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 8 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM Java SDK updates in Oct 2022 and IBM Ja...

CVE-2022-22389

IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740...

Information disclosure

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7...

CVE-2022-25786 GateManager debug interface is included in production builds

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obtain sensitive information. This issue affects: GateManager all versions prior to 9.7...