| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. |
| ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet. |
| Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. |
| Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. |
| IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898. |
| Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896. |
| Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup. |
| Cross-Site Request Forgery (CSRF) vulnerability in WattIsIt PayGreen – Ancienne version plugin <= 4.10.2 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rigorous & Factory Pattern Dovetail plugin <= 1.2.13 versions. |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in CAGE Web Design | Rolf van Gelder Optimize Database after Deleting Revisions plugin <= 5.1 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nate Reist Protected Posts Logout Button plugin <= 1.4.5 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in psicosi448 wp2syslog plugin <= 1.0.5 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in IKSWEB WordPress Старт plugin <= 3.7 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Madalin Ungureanu, Antohe Cristian Client Portal – Private user pages and login plugin <= 1.1.8 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Noah Hearle, Design Extreme We’re Open! plugin <= 1.46 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JoomSky JS Job Manager plugin <= 2.0.0 versions. |
| Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider.
This issue affects Apache Airflow AWS Provider versions before 7.2.1.
|
| Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable denial of service via local access. |