jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm... weiterlesen

jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm... weiterlesen

Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows... weiterlesen

a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0.... weiterlesen

jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm... weiterlesen

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions... weiterlesen

Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

... weiterlesen

... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

... weiterlesen

Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28327, CVE-2021-28329, CVE-2021-28330, CVE-2021-28331,... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit... weiterlesen

jose is an npm library providing a number of cryptographic operations. In vulnerable versions AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384,... weiterlesen

SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the... weiterlesen

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files... weiterlesen

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files... weiterlesen

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit... weiterlesen

Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated... weiterlesen

IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands.... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

A vulnerability, which was classified as problematic, has been found in ZTE ZXHN H168N and ZXHN H108N (affected version not known). Affected by this issue... weiterlesen

A vulnerability was found in Trend Micro Micro Apex One, Apex One as a Service and OfficeScan XG SP1 (Anti-Malware Software) (the affected version unknown).... weiterlesen

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint... weiterlesen

A vulnerability was found in Siren Federate. It has been rated as problematic. Affected by this issue is some unknown processing of the component Thread... weiterlesen

A vulnerability has been found in TP-Link TL-XDR3230, TL-XDR1850, TL-XDR1860, TL-XDR3250, TL-XDR6060 and TL-XDR5430 (Router Operating System) and classified... weiterlesen

A vulnerability was found in NetIQ Advanced Authentication up to 6.3 SP3. It has been rated as problematic. This issue affects an unknown code. Applying... weiterlesen

A vulnerability was found in Dell Peripheral Manager 1.3.1. It has been declared as critical. This vulnerability affects an unknown part. There is no information... weiterlesen

A vulnerability was found in Dell SRM up to 4.5.0.0 (Supplier Relationship Management Software). It has been classified as very critical. This affects... weiterlesen

A vulnerability was found in Synapse up to 1.27.x and classified as problematic. Affected by this issue is an unknown functionality. Upgrading to version... weiterlesen

A vulnerability has been found in Synapse up to 1.27.x and classified as problematic. Affected by this vulnerability is an unknown function. Upgrading... weiterlesen

A vulnerability, which was classified as problematic, has been found in IBM Jazz Team Server (unknown version). This issue affects an unknown code block... weiterlesen

A vulnerability classified as problematic has been found in IBM Jazz Team Server (the affected version unknown). This affects an unknown part. There is... weiterlesen

A vulnerability was found in IBM Jazz Team Server (affected version not known). It has been rated as problematic. Affected by this issue is some unknown... weiterlesen

A vulnerability was found in IBM Jazz Team Server (affected version unknown). It has been declared as problematic. Affected by this vulnerability is an... weiterlesen

A vulnerability, which was classified as critical, was found in Fatek Automation WinProladder up to 3.3 (Automation Software). This affects an unknown... weiterlesen

A vulnerability classified as problematic was found in SiCKRAGE up to 10.0.11.dev1. Affected by this vulnerability is some unknown functionality. Applying... weiterlesen

... weiterlesen

Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot... weiterlesen

Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building... weiterlesen

A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote... weiterlesen

Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary... weiterlesen

Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions... weiterlesen

The Threat Intelligence team at CloudPassage is in a continuous ARR (Anticipate, Research, Respond) loop. Our Real-Time Vulnerability Alerting Engine harnesses... weiterlesen

Wordpress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This... weiterlesen

Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation... weiterlesen

Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an... weiterlesen

Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could... weiterlesen

Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading... weiterlesen

The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that... weiterlesen

... weiterlesen

In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution... weiterlesen

A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0... weiterlesen

### Impact Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space... weiterlesen

A vulnerability was found in Fortinet FortiADCManager and FortiADC (the affected version unknown). It has been classified as problematic. This affects... weiterlesen

... weiterlesen