A vulnerability, which was classified as problematic, has been found in yetiforcecrm (unknown version). This issue affects some unknown functionality of the component Web Page Generation Handler. Applying the patch 9cdb012ca64ff1f719f8120d5fd162cd5ef1013f is able to eliminate this problem. The bugfix is ready for download at github.com.
yetiforcecrm Web Page Generation cross site scripting [CVE-2021-4116]
- Virtual Patching
- December 16, 2021
- 8:13 am
CVE-2024-32608 : HDF5 UP TO 1.14.3 H5A__CLOSE MEMORY CORRUPTION
Description HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing
CVE-2024-45160 : LEMONLDAP::NG UP TO 2.19.1 OAUTH2 CLIENT AUTHENTICATION CLIENT_PASSWORD IMPROPER AUTHENTICATION
Description Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an
CVE-2024-45179 : ZA-INTERNET C-MOR VIDEO SURVEILLANCE 5.2401/6.00PL01 WEB INTERFACE SETTIMEZONE.PML CITY OS COMMAND INJECTION
Description An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR