7 matches found
📄 ProjeQtor 12.4.3 SQL Injection
This Metasploit auxiliary module targets an unauthenticated SQL injection vulnerability in ProjeQtor login functionality and is structured as a scanner-style module with multiple operational modes. Version 12.4.3 is affected...
@a-la-fois/api (>=0.0.25 <=0.0.39), @a-la-fois/doc-client (>=0.0.1 <=0.0.39) +115 more potentially affected by CVE-2026-42334 via mongoose (>=7.0.0 <=7.8.8)
mongoose NPM version =7.0.0, =0.0.25, =0.0.1, =0.0.25, =0.0.1, =0.0.25, =3.12.0, =1.0.0, =1.0.6, =0.2.0, =0.2.0, =0.0.0, =1.0.2, =1.0.0, =7.6.10, =7.8.6 and more Source cves: CVE-2026-42334 Source advisory: OSV:GHSA-WPG9-53FQ-2R8H...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...
CVE-2023-47150
IBM Common Cryptographic Architecture CCA 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602...
CVE-2023-22283
On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client for Windows. User interaction and administrative privileges are required to exploit this vulnerability because the victim user needs to run the executable on the system and the attacke...
Apple watchOS 路径遍历漏洞
Apple watchOS is an operating system for smartwatches from Apple. A path traversal vulnerability exists in watchOS, which stems from insufficient validation of directory paths. The following products and versions are affected: watchOS: 7.0 18R382, 7.0.1 18R395, 7.0.2 18R402, 7.0.3 18R410, 7.1...
CVE-2020-6246
SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXTTABLE, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...