Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting vulnerability affecting the Security Console’s Filtered Asset Search feature. A specific search criterion and operator combination in Filtered Asset Search could have allowed a user to pass code through the provided search field. This issue affects version 6.6.80 and prior, and is fixed in 6.6.81. If your Security Console currently falls on or within this affected version range, ensure that you update your Security Console to the latest version. (CVSS:0.0) (Last Update:2021-06-16)
CVE-2021-3535
- Virtual Patching
- June 16, 2021
- 12:00 am
CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE
Description IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when
CVE-2023-24997 : APACHE INLONG UP TO 1.5.0 DESERIALIZATION
Description Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0.
CVE-2022-37708 : DOCKER 20.10.15 BUILD FD82621 PERMISSION
Description Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker container can access any