Filters

Versions

2.0
34
2.1
34

IBM Planning Analytics Local - IBM Planning Analytics Workspace9 vulnerabilities

First published (updated )
IBM-7157110

IBM Planning Analytics Local missing authentication

medium
6.7
First published (updated )
CVE-2024-35143

XSS

medium
6.5
First published (updated )
CVE-2024-27982

NodeJS Command injection via args parameter of child_process.spawn without shell option enabled on Windows (CVE-2024-27980)

high
7.3
First published (updated )
CVE-2024-27980

Race Condition

high
8.2
First published (updated )
CVE-2024-27983

node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-28863

Proxy-Authorization header kept across hosts in follow-redirects

medium
6.5
EPSS
0.04%
First published (updated )
CVE-2024-28849

HTTP/2 CONTINUATION flood in net/http

high
7.5
First published (updated )
CVE-2023-45288

Input Validation

high
7.5
First published (updated )
CVE-2023-51775

Redis Unix-domain socket may have be exposed with the wrong permissions for a short time window.

low
3.6
First published (updated )
CVE-2023-45145

IBM Planning Analytics Local - IBM Planning Analytics Workspace23 vulnerabilities

First published (updated )
IBM-7151122

IBM Planning Analytics Local cross-site scripting

medium
5.4
First published (updated )
CVE-2024-31889

IBM Planning Analytics Local cross-site scripting

medium
6.4
First published (updated )
CVE-2024-31908

XSS

medium
5.4
First published (updated )
CVE-2024-31907

Spring Framework URL Parsing with Host Validation

high
8.1
First published (updated )
CVE-2024-22262

Integer Overflow

high
7.5
First published (updated )
CVE-2024-23082

ThreeTen Backport is vulnerable to a denial of service, caused by a NullPointerException flaw in the…

high
7.5
First published (updated )
CVE-2024-23081

Express.js Open Redirect in malformed URLs

medium
6.1
EPSS
0.04%
First published (updated )
CVE-2024-29041

Apache ZooKeeper: Information disclosure in persistent watcher handling

medium
4.3
First published (updated )
CVE-2024-23944

es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

medium
4.4
EPSS
0.04%
First published (updated )
CVE-2024-27088

cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

high
7.5
EPSS
0.04%
First published (updated )
CVE-2024-26130

In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource con…

high
7.5
First published (updated )
CVE-2023-52428

PKCS12 Decoding crashes

medium
5.5
EPSS
0.23%
First published (updated )
CVE-2024-0727

Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659

high
7.5
First published (updated )
CVE-2023-50782

Apache CouchDB, IBM Cloudant: Privilege Escalation Using _design Documents

medium
6.7
First published (updated )
CVE-2023-45725

cryptography vulnerable to NULL-dereference when loading PKCS7 certificates

high
7.5
First published (updated )
CVE-2023-49083

Improper handling of filenames in Content-Disposition HTTP header in github.com/gin-gonic/gin

high
7.5
First published (updated )
CVE-2023-29401

Input Validation

high
7.3
First published (updated )
CVE-2023-26125

Arbitrary log line injection in github.com/gin-gonic/gin

high
8.2
First published (updated )
CVE-2020-36567

Redis Crash Report debug.c sigsegvHandler denial of service

low
3.3
First published (updated )
CVE-2022-3647

Apache CouchDB Insecure Default Initialization of Resource Vulnerability

critical
10
Exploited
First published (updated )
CVE-2022-24706

Privilege escalation vulnerability when using HTML attachments

high
7.8
First published (updated )
CVE-2021-38295

A flaw was found in the json-smart package in the JSONParserByteArray. This flaw allows an attacker …

high
7.5
First published (updated )
CVE-2021-31684

HTTP Response Splitting

high
7.1
First published (updated )
CVE-2020-28483

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203