10 matches found
org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-41002 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41002 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439108...
@aadarshjr/reweb-js (>=1.0.7 <=1.0.17), @acentswap/ace-core-trial (>=10.4.0 <=10.7.0) +869 more potentially affected by CVE-2026-27903 via minimatch (>=5.0.0 <=5.1.7)
minimatch NPM version =5.0.0, =1.0.7, =10.4.0, =9.0.0, =10.0.0, =10.0.0, =10.5.0, =10.4.0, =0.4.13, =2.3.0, =2.3.0, =2.2.1, =2.2.1, =2.2.2 - @aid-on/aidify =0.1.2 and more Source cves: CVE-2026-27903 Source advisory: SNYK:JS-MINIMATCH-15353389...
Linux Distros Unpatched Vulnerability : CVE-2021-41585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new...
WordPress WOOEXIM Plugin <= 5.0.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WOOEXIM versions = 5.0.0...
PT-2024-31428 · Ibm · Ibm Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.9 Description: The issue allows a user to bypass intended access restrictions and conduct resource modification. Recommendations: For IBM Aspera Faspex versions 5.0.0 through 5.0.9, update to a...
cc.ecore:spring-jfinal (=0.0.1), cc.ecore:spring-jfinal-plugin (>=0.1.0 <=0.1.2) +164 more potentially affected by CVE-2023-49374 via com.jfinal:jfinal (>=1.4 <=5.0.0)
com.jfinal:jfinal MAVEN version =1.4, =0.1.0, =0.1.1, =1.0.2, =1.0.0, =1.0, =3.30.7-RELEASE, =0.0.8, =0.0.8, =0.0.8, =1.29.1.trial, =1.29.1.trial, =1.45.0 - cn.dreampie:jfinal-akka =0.1 and more Source cves: CVE-2023-49374 Source advisory: OSV:GHSA-R7W2-J96V-VW8M...
PT-2023-14205 · Npm · Node-Sqlite3
Name of the Vulnerable Software and Affected Versions: node-sqlite3 versions 5.0.0 through 5.1.4 Description: A code execution issue exists in the Statement Bindings functionality of node-sqlite3. This can be triggered by a specially-crafted Javascript file, allowing for arbitrary code execution...
PT-2021-6464 · Suricata +1 · Suricata +1
Name of the Vulnerable Software and Affected Versions: Suricata versions 5.0.0 through 5.0.6 Suricata versions 6.0.0 through 6.0.2 Description: The issue is related to insufficient access control in the Suricata intrusion detection and prevention system. It allows a remote attacker to cause a...
@cumulus/api-client (=1.19.0), @github1/ajax-service (>=0.4.0 <=0.4.55) +55 more potentially affected by CVE-2021-33502 via normalize-url (>=5.0.0 <=5.3.0)
normalize-url NPM version =5.0.0, =0.4.0, =1.0.1, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =1.0.1, =0.8.7, =0.8.0, =0.8.0, =1.0.1, =0.8.0, =0.8.97 and more Source cves: CVE-2021-33502 Source advisory: OSV:GHSA-PX4H-XG32-Q955...
Elastic X-Pack Alerting Elevation of Privilege Vulnerability
Elastic X-Pack Alerting is an extension of Elastic Stack a log analyzing system from Dutch company Elasticsearch. A security vulnerability exists in the permission schema used in Elastic X-Pack Alerting versions 5.0.0 through 5.6.0. An attacker could exploit the vulnerability to gain elevated...