CVE-2024-6121 : NI SYSTEMLINK SERVER/FLEXLOGGER REDIS VULNERABLE THIRD-PARTY COMPONENT

Description An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects

Description Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This report details a security vulnerability in Argo

Description Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in

Description A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions <

Description D-Link – CWE-288:Authentication Bypass Using an Alternate Path or Channel. References https://www.gov.il/en/Departments/faq/cve_advisories For More Information CVERecord

Description Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained

Description 1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some

Description A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated,

Description The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an

Description Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive

Description In streampark, the project module integrates Maven’s compilation capabilities. The input parameter validation is not strict, allowing attackers to

Description In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto

Description Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values

Description The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is not properly implemented, allowing remote

Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its

Description IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation

Description In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock

Description An Improper Neutralization of Data within XPath Expressions (‘XPath Injection’) vulnerability in J-Web shipped with Juniper Networks Junos OS

Description The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including,

Description EVerest is an EV charging software stack. An integer overflow in the “v2g_incoming_v2gtp” function in the v2g_server.cpp implementation can

Description Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover

Description Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software WishList Member X.This issue affects WishList Member

Description Vulnerability in Jaspersoft JasperReport Servers.This issue affects JasperReport Servers: from 8.0.4 through 9.0.0. References https://community.jaspersoft.com/advisories/jaspersoft-security-advisory-july-9-2024-jasperreports-server-cve-2024-3325-r4/ For More Information CVERecord