4565 matches found
org.apache.pulsar:pulsar-server-distribution (>=3.0.0 <=3.0.17) potentially affected by CVE-2023-51437 via org.apache.pulsar:pulsar-broker-auth-sasl (>=3.0.0 <=3.0.17)
org.apache.pulsar:pulsar-broker-auth-sasl MAVEN version =3.0.0, =3.0.0, =3.0.17 Source cves: CVE-2023-51437 Source advisory: OSV:GHSA-C57V-4VG5-CM2X...
PT-2024-12253 · Ibm · Ibm Security Access Manager Container
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Container versions 10.0.0.0 through 10.0.6.1 Description: The issue is related to the temporary storage of sensitive information in files that could be accessed by a local user. Recommendations: For versions 10.0.0...
Cybozu KUNAI Security Vulnerability
Cybozu KUNAI is an application from Cybozu Japan that is used to establish a connection with Cybozu products. A security vulnerability exists in Cybozu KUNAI for Android versions 3.0.20 through 3.0.21. A remote attacker can exploit the vulnerability to cause a denial of service (DoS) condition by...
PT-2024-17634 · Tongda Oa · Tongda Oa
Name of the Vulnerable Software and Affected Versions: Tongda OA 2017 versions up to 11.10 Description: A critical vulnerability has been found in Tongda OA. The issue affects an unknown function of the file /general/email/outbox/delete.php. The manipulation of the DELETE STR argument leads to SQ...
2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24559 via vyper (>=0.1.0b12 <=0.3.9)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24559 Source advisory: OSV:GHSA-6845-XW22-FFXV...
CVE-2023-32329
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file validation. IBM X-Force ID: 254972...
2vyper (=0.3.0), ape-dasy (=0.1.0) +28 more potentially affected by CVE-2024-24560 via vyper (>=0.1.0b12 <=0.3.9)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.6 and more Source cves: CVE-2024-24560 Source advisory: OSV:GHSA-GP3W-2V2M-P686...
com.linecorp.centraldogma:centraldogma-server-auth-saml (>=0.33.0 <=0.64.0), com.linecorp.centraldogma:centraldogma-server-auth-shiro (>=0.33.0 <=0.64.0) +7 more potentially affected by CVE-2024-1143 via com.linecorp.centraldogma:centraldogma-server (>=0.17.0 <=0.64.0)
com.linecorp.centraldogma:centraldogma-server MAVEN version =0.17.0, =0.33.0, =0.33.0, =0.61.0, =0.62.0, =0.17.0, =0.44.0, =0.44.0, =0.44.0, =0.64.0 - com.linecorp.centraldogma:centraldogma-xds =0.64.0 Source cves: CVE-2024-1143 Source advisory: OSV:GHSA-34Q3-P352-C7Q8...
CVE-2024-22319
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145...
B&R Industrial Automation Studio Security Breach
B&R Industrial Automation Studio is a suite of integrated development environments (IDEs) from B&R Industrial Automation GmbH, Austria, for developing and programming its automation solutions. A security vulnerability exists in B&R Industrial Automation Studio version...
PT-2024-13072 · Ibm · Ibm Security Verify Access Appliance +1
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue allows a remote user to log into the server due to a user account with an empt...
PT-2024-12255 · Ibm · Ibm Security Verify Access Appliance +1
Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue is due to an improper security configuration, which could allow a local user t...
auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +99 more potentially affected by CVE-2022-39394 via wasmtime (>=0.10.0 <=12.0.2)
wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 - inkpad-executor =0.1.0 and more Source cves: CVE-2022-39394 Source advisory: OSV:GHSA-H84Q-M8RR-3V9Q...
Dell PowerScale OneFS Access Control Error Vulnerability
Dell PowerScale OneFS is an operating system from Dell USA that provides horizontal scaling of NAS. An elevation of privilege vulnerability exists in Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x. The vulnerability is due to an authentication...
PT-2024-13903 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue is related to an inadequate account lockout setting in IBM PowerSC, which could allow a remote attacker to brute force account credentials. Recommendations: For versions 1.3 through...
PT-2024-14019 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue allows an authenticated user to impersonate another user on the system because sessions are not invalidated after logout. Recommendations: For IBM PowerSC versions 1.3 through 2.1,...
CVE-2024-22161
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS. This issue affects HD Quiz: from n/a through 1.8.11...
ESET Endpoint Security and ESET Endpoint Antivirus Security Vulnerabilities
ESET Endpoint Antivirus and ESET Endpoint Security are both products of ESET Slovakia. ESET Endpoint Antivirus is an on-premise and cloud-based anti-malware and security suite for small, medium and large organizations. Used for anti-malware, remote management, endpoint security, file security,...
VulnCheck KEV: CVE-2024-22772
Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.024.02 allows an attacker to cause network attack in case of using default admin ID/PW...
org.apache.kylin:kylin-cache (>=2.6.0 <=4.0.0-alpha), org.apache.kylin:kylin-core-cube (>=2.0.0 <=4.0.0-alpha) +22 more potentially affected by CVE-2023-29055 via org.apache.kylin:kylin-core-common (>=2.0.0 <=4.0.0-alpha)
org.apache.kylin:kylin-core-common MAVEN version =2.0.0, =2.6.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.3.2, =2.0.0, =2.6.0, =2.3.2, =2.3.2, =2.0.0, =2.0.0, =2.6.0, =2.0.0, =3.0.2 - org.apache.kylin:kylin-spark-common =4.0.0-alpha and more Source cves: CVE-2023-29055 Source advisory:...