Payara Micro Community up to 5.2021.6 pathname traversal [CVE-2021-41381]

A vulnerability was found in Payara Micro Community up to 5.2021.6. It has been classified as critical. Affected is some unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

Description IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script.

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

Description CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension`

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

Description Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile