9 matches found
EUVD-2026-32423
IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data...
Improper Authorization org.springframework.security:spring-security-core Dependency in Jira Service Management Data Center and Server
This High severity Improper Authorization vulnerability was introduced in versions 11.01.1 and 11.1.1 of Jira Service Management Data Center and Server. This vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated attacke...
PT-2023-3279 · Bosch · Bosch Bvms
Name of the Vulnerable Software and Affected Versions: Bosch VMS versions 11.0 through 11.1.1 Description: The issue is related to insufficient protection of service data in the SSH server of the Bosch BVMS video surveillance system management software. It allows a remote attacker to gain...
Adobe Bridge 缓冲区错误漏洞
Adobe Bridge, a free digital asset management application from Adobe, is vulnerable to an out-of-bounds read vulnerability in Adobe Bridge 11.1.1 and earlier. An attacker could exploit the vulnerability to execute arbitrary code...
Adobe Bridge 缓冲区错误漏洞
Adobe Bridge is a free digital asset management application from Adobe. 11.1.1 and earlier versions of Adobe Bridge contain a memory corruption vulnerability that could be exploited by attackers to execute arbitrary code in the context of the current user...
CVE-2021-21340
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 10.4.14, 11.1.1 it has been discovered that database fields used as descriptionColumn are vulnerable to cross-site scripting when their content gets previewed. A valid backend user account is needed to explo...
GHSA-X79J-WGQV-G8H2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
Problem It has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. Solution Update to TYPO3 versions 10.4.14 or 11.1.1 that fix the...
IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2019-25041)
IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...
CVE-2017-10269
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware subcomponent: Core. Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. While...