4564 matches found
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +176 more potentially affected by CVE-2022-29194 via tensorflow-gpu (>=1.10.1 <=2.6.3)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29194 Source advisory: OSV:GHSA-H5G4-PPWX-48Q2...
by.exonit.redmine.client:client-play26-ws_2.12 (=5.0.0), ch.datascience:renku-commons_2.12 (=0.2.0) +85 more potentially affected by CVE-2019-17598 via com.typesafe.play:play-ws_2.12 (>=2.6.0-M1 <=2.6.23)
com.typesafe.play:play-ws_2.12 MAVEN version =2.6.0-M1, =1.0.0, =7.6.0-crosscompilescala212.2.206f1b4play2.6, =10.0.0play2.6, =10.0.0play2.6, =10.0.0play2.6, =0.4.0, =0.4.0, =0.1.0, =0.2.3 - com.elegantmonkeys:lagom-javadsl-google-pubsub-broker2.12 =1.0.0-RC1 -...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10401 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10401 Source advisory: OSV:GHSA-HG6G-JJ7G-X6V2...
demo-joplin (>=1.0.1 <=1.0.8) potentially affected by CVE-2021-37916 via joplin (=0.10.93)
joplin NPM version =0.10.93 is affected by a known vulnerability. The following packages have a transitive dependency on joplin and may be impacted: - demo-joplin =1.0.1, =1.0.8 Source cves: CVE-2021-37916 Source advisory: OSV:GHSA-MRMF-755G-W2VW...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=5.7.9) +382 more potentially affected by CVE-2021-22145 via org.elasticsearch.client:elasticsearch-rest-client (>=7.10.0 <=7.13.3)
org.elasticsearch.client:elasticsearch-rest-client MAVEN version =7.10.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =5.7.9 and more Source cves: CVE-2021-22145 Source advisory: OSV:GHSA-Q394-H7F5-7F44...
GHSA-Q394-H7F5-7F44 Generation of Error Message Containing Sensitive Information in Elasticsearch
A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data...
org.jenkins-ci.plugins:whitesource (>=20.1.2 <=21.1.2) potentially affected by CVE-2020-2252 via org.jenkins-ci.plugins:mailer (=1.32)
org.jenkins-ci.plugins:mailer MAVEN version =1.32 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:mailer and may be impacted: - org.jenkins-ci.plugins:whitesource =20.1.2, =21.1.2 Source cves: CVE-2020-2252 Source advisory:...
ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +1836 more potentially affected by CVE-2020-7019 via org.elasticsearch:elasticsearch (>=0.6.0 <=6.8.11)
org.elasticsearch:elasticsearch MAVEN version =0.6.0, =0.7.0, =0.6.1, =0.11.0, =0.3.0, =1.0.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.2.1 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-starter =5.2.0 and more Source cves: CVE-2020-7019 Source advisory: OSV:GHSA-C77J-P484-H84M...
br.eti.clairton:ds-test (=0.4.0), ch.inftec.ju:ju-ee (>=6.0-2 <=6.1-S-5) +103 more potentially affected by CVE-2020-14297 via org.jboss:jboss-ejb-client (>=1.0.0.Beta12 <=4.0.33.Final)
org.jboss:jboss-ejb-client MAVEN version =1.0.0.Beta12, =6.0-2, =4.1, =4.1, =1.0.1, =0.1.0, =0.1.0, =2.2, =8.0, =8.0, =0.2.4, =1.0.0.Alpha3, =0.1.0, =0.1.0, =0.12.0.Final, =1.0.0.CR2 and more Source cves: CVE-2020-14297 Source advisory: OSV:GHSA-QCCH-9268-59JW...
@27works/posto (>=2.0.0 <=2.0.2), @abdul778/page-editor (>=0.1.0 <=0.41.0) +611 more potentially affected by CVE-2020-12827 via mjml (>=0.1.0 <=4.5.1)
mjml NPM version =0.1.0, =2.0.0, =0.1.0, =0.1.0, =0.1.0, =0.0.122, =0.16.9, =1.0.4, =1.0.0, =2.0.0, =12.5.0, =1.0.0, =2.2.7-bb.3, =2.2.7-bb.7 - @becomes/mjml =1.0.0 - @bedrock-foundation/sdk =0.0.2 and more Source cves: CVE-2020-12827 Source advisory: OSV:GHSA-4HCH-R9XF-6VFR...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1591 more potentially affected by CVE-2020-2160 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.20)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2020-2160 Source advisory: OSV:GHSA-C735-G9F2-2MVP...
org.apache.jspwiki.it:jspwiki-it-builder (>=2.11.0 <=2.11.0.M4), org.apache.jspwiki.it:jspwiki-it-test-cma (>=2.11.0 <=2.11.0.M4) +8 more potentially affected by CVE-2019-12407 via org.apache.jspwiki:jspwiki-war (>=2.10.0 <=2.11.0.M4)
org.apache.jspwiki:jspwiki-war MAVEN version =2.10.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.10.0, =2.10.3, =2.10.5 - org.apache.jspwiki:jspwiki-portable =2.11.0 Source cves: CVE-2019-12407 Source advisory: OSV:GHSA-P2R4-RPJ8-M2P9...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10384 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10384 Source advisory: OSV:GHSA-VCR8-H8QP-QJ8H...
ai.grakn:grakn-dist (>=0.7.0 <=0.16.0), ai.grakn:grakn-test (=0.10.0) +1866 more potentially affected by CVE-2019-7614 via org.elasticsearch:elasticsearch (>=0.6.0 <=6.8.19)
org.elasticsearch:elasticsearch MAVEN version =0.6.0, =0.7.0, =0.6.1, =0.11.0, =0.3.0, =1.0.1, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.1.0, =5.2.1 - ca.uhn.hapi.fhir:hapi-fhir-jpaserver-starter =5.2.0 and more Source cves: CVE-2019-7614 Source advisory: OSV:GHSA-JQM6-M3J3-8GG9...
Google Chrome Permissions, Privileges, and Access Control Vulnerability
Google Chrome is a web browser from Google, Inc. A privilege permission and access control issue vulnerability exists in Google Chrome versions 70.0.3538.67 through 101.0.4951.67, which stems from insufficient policy enforcement in the Extensions API. A remote attacker could exploit the...
com.erudika:para-cache-hazelcast (>=1.26.0 <=1.39.0), com.erudika:para-client (>=1.13 <=1.45.10) +9 more potentially affected by CVE-2022-1782 via com.erudika:para-core (>=1.13 <=1.45.10)
com.erudika:para-core MAVEN version =1.13, =1.26.0, =1.13, =1.20.0, =1.18.0, =1.28.1, =1.30.0, =1.25.0, =1.29.0, =1.28.0, =1.13, =1.24.4, =1.45.10 Source cves: CVE-2022-1782 Source advisory: OSV:GHSA-PHVW-R25P-8XV7...
com.sonyericsson.hudson.plugins.multi-slave-config-plugin:multi-slave-config-plugin (>=1.1.1 <=1.2.0) potentially affected by CVE-2022-30950 via org.jenkins-ci.plugins:windows-slaves (=1.0)
org.jenkins-ci.plugins:windows-slaves MAVEN version =1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:windows-slaves and may be impacted: - com.sonyericsson.hudson.plugins.multi-slave-config-plugin:multi-slave-config-plugin...
PT-2022-15827 · Tooljet · Tooljet
Name of the Vulnerable Software and Affected Versions: ToolJet versions v0.6.0 to v1.10.2 Description: The issue allows an attacker to inject malicious code inside the first name and last name fields while inviting a new user, which will be reflected in the invitational e-mail. This is an HTML...
CVE-2022-22482
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977...
UBUNTU-CVE-2022-30688
needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files...