Medium
CVSS: 6.9
Yayın: 2025-01-13 00:15:06
A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument name leads to path trave…
Medium
CVSS: 5.1
Yayın: 2025-01-12 23:15:07
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/categories/update. The manipulation of the argument categoryName leads to cross site scripting. T…
Medium
CVSS: 5.1
Yayın: 2025-01-12 23:15:07
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/common/uploadController.java. The manipulation of t…
Low
CVSS: 1.6
Yayın: 2025-01-12 22:15:07
HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Low
CVSS: 1.6
Yayın: 2025-01-12 22:15:06
HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute mal…
Low
CVSS: 2.0
Yayın: 2025-01-12 22:15:05
HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version.
Medium
CVSS: 5.1
Yayın: 2025-01-12 14:15:08
A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argumen…
Medium
CVSS: 5.9
Yayın: 2025-01-12 14:15:06
IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks.
Medium
CVSS: 5.3
Yayın: 2025-01-12 13:15:07
A vulnerability, which was classified as problematic, was found in reckcn SPPanAdmin 1.0. Affected is an unknown function of the file /;/admin/role/edit. The manipulation of the argument name leads to cross site scripting. It is possible to launch th…
High
CVSS: 8.5
Yayın: 2025-01-12 12:15:17
A vulnerability, which was classified as critical, has been found in exelban stats up to 2.11.21. This issue affects the function shouldAcceptNewConnection of the component XPC Service. The manipulation leads to command injection. It is possible to l…
Medium
CVSS: 5.4
Yayın: 2025-01-12 02:15:18
IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the inte…
Medium
CVSS: 5.4
Yayın: 2025-01-12 02:15:18
IBM Jazz Foundation 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credenti…
Medium
CVSS: 5.5
Yayın: 2025-01-11 16:15:24
In the Linux kernel, the following vulnerability has been resolved:
mm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()
In split_large_buddy(), we might call pfn_to_page() on a PFN that might
not exist. In c…
Unknown
CVSS: -
Yayın: 2025-01-11 15:15:09
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Unknown
CVSS: -
Yayın: 2025-01-11 15:15:09
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Unknown
CVSS: -
Yayın: 2025-01-11 15:15:09
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Unknown
CVSS: -
Yayın: 2025-01-11 15:15:09
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Unknown
CVSS: -
Yayın: 2025-01-11 15:15:08
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Medium
CVSS: 5.5
Yayın: 2025-01-11 15:15:08
In the Linux kernel, the following vulnerability has been resolved:
ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array
The code uses the initialised member of the asoc_sdw_dailink struct to
determine if a member of the array is in use…
Medium
CVSS: 5.5
Yayın: 2025-01-11 15:15:08
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: iso: Always release hdev at the end of iso_listen_bis
Since hci_get_route holds the device before returning, the hdev
should be released with hci_dev_put at the end of i…