Impact: The Solr-based search in XWiki discloses the password hashes of all users to anyone with view right on the respective user profiles. By default, all user profiles are public. To reproduce, it i ...
December 16, 2023
A vulnerability has been identified in microweber where users can purchase items with a coupon code. If the admin disables the use of the coupon code functionality, but the user sends requests to the ...
December 15, 2023
Google Drive API Python wrapper library. Maintained fork of...
December 15, 2023
Bazarr manages and downloads subtitles. Prior to 1.3.1, the /api/swaggerui/static endpoint in bazarr/app/ui.py does not validate the user-controlled filename variable and uses it in the send_file func ...
December 15, 2023
XWiki Platform is a generic wiki platform. Starting in 7.2-milestone-2 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, the Solr-based search in XWiki discloses the password hashes of all users ...
December 15, 2023
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. In certain ...
December 15, 2023
Summary: There is a vulnerability in Enterprise Security API for Java that could allow a remote attacker to exploit this vulnerability and cause a denial of service condition. The code is used by IBM ...
December 15, 2023
Summary: There is a vulnerability in Santuario that could allow a remote authenticated attacker to obtain sensitive information on the system. The code is used by IBM Process Mining. This bulletin iden ...
December 15, 2023