An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds access issue was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds write issue was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved validation of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with additional entitlement checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An access issue was addressed with additional sandbox restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An information disclosure issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved handling of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An information disclosure issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A buffer overflow was addressed with improved size validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed by restricting options offered on a locked device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed with improved validation of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.1.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Chef Habitat builder-api on-prem-builder package with any version lower than habitat/builder-api/10315/20240913162802 is vulnerable to indirect object reference (IDOR) by un-authorized deletion. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Contact Form 7 + Telegram plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'wpcf7_Telegram::ajax' function in. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible due to improper HTML sanitization in markdown elements. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An information leakage was addressed with additional validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
MPXJ is an open source library to read and write project plans from a variety of file formats and databases. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in didi Super-Jacoco 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.