10 matches found
Forcepoint Web Security 安全漏洞
Forcepoint Web Security is a security platform developed by the US company Forcepoint. It provides robust protection through content-aware defense and cloud-based application discovery and monitoring. There are security vulnerabilities in Forcepoint Web Security versions 8.5.6 and earlier, which...
WordPress Soledad Theme <= 8.6.8 is vulnerable to Cross Site Scripting (XSS)
Software Soledad Type Theme Vulnerable versions = 8.6.8 Fixed in 8.6.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-59589 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 129327b97bb0 Credits João Pedro S Alcântara Kinorth Required privile...
📄 Schneider Electric EcoStruxure IT Data Center Expert 8.3 Server-Side Request Forgery
Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below insecurely forward HTTP requests based on user-controlled values, enabling an unauthenticated user to coerce the web application into sending data to arbitrary locations, such as the SMTP service listening on localhost...
Vulnerability fixed in OpenSSH
The developers of OpenSSH have fixed a vulnerability in OpenSSH The vulnerability allows a malicious party to execute arbitrary code with privileges of the sshd process without prior authentication. It cannot be ruled out that the ssh process is running with elevated privileges, making it possibl...
CVE-2024-1464
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ attribute of the Posts Slider widget in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
PT-2023-10306 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions 8 through 9.0.1 JetBrains TeamCity version 9.0.2 is not affected, so only versions prior to 9.0.2 are considered vulnerable. Description: The issue allows bypass of account-creation restrictions via a crafted...
Atlassian JIRA Server and Data Center Code Issues Vulnerabilities
Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is the server version of a defect tracking management system. Atlassian JIRA Server is the server version of a defect tracking management system that is used to track and manage all...
PT-2017-2776 · Apache · Apache Tomcat
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 8.5.0 through 8.5.15 Apache Tomcat versions 9.0.0.M1 through 9.0.0.M21 Description: The issue is related to the HTTP/2 implementation in Apache Tomcat, which bypassed security checks, allowing directory traversal attack...
IBM Security AppScan Standard Information Disclosure Vulnerability (CNVD-2015-00885)
IBM Security AppScan Standard is a set of security testing tools for Web applications from IBM in the United States. The tool automates dynamic and static security vulnerability scanning during the application development lifecycle. An information disclosure vulnerability exists in IBM Security...
PT-2013-2071 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 8 through 9 Description: The issue allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object. This occurs due to the way Internet Explorer accesses a...