A vulnerability classified as critical was found in up to 3.8.20/3.10.7. This vulnerability affects an unknown functionality of the file zstack/v1/batch-queries?script of the component REST API. Upgrading to version 3.8.21, 3.10.8 or 4.1.0 eliminates this vulnerability.
REST API batch-queries code injection
- Virtual Patching
- August 17, 2021
- 9:04 pm
CVE-2024-9632 : X.ORG X SERVER UP TO 21.1.13 BITMAP_XKBSETCOMPATMAP SYM_INTERPRET HEAP-BASED OVERFLOW
Description A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker
CVE-2024-51568 : PSAUX CYBERPANEL UP TO 2.3.4 FILE MANAGER /FILEMANAGER/UPLOAD PROCESSUTILITIES.OUTPUTEXECUTIONER OS COMMAND INJECTION
Description CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka
CVE-2024-8923 : SERVICENOW NOW PLATFORM IMPROPER AUTHENTICATION
Description ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an