CVE-2020-17532 – When handler-router component is enabled in servicecomb-java-chassis, authenticated user m …
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code …
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < …
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in …
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of …
Hyweb HyCMS-J1’s API fails to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without …
Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a …
This affects all versions of package jquery-ui; all versions of package org.fujion.webjars:jquery-ui. When the "dialog" is …
This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject …
IBM MQ Internet Pass-Thru 2.1 and 9.2 could allow a remote user to cause a denial of service by sending malformed MQ data requests which …
HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an …
Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers …
OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. …