The affected versions are: v126.96.36.199 (r9748) and before. As a recommendation, update the software as soon as possible and don't run daemons on the vulnerable version. Also, upgrade the services that need to connect to the internet, like mail, DNS, etc. In addition to that, change the
This issue affects Apache Pulsar Broker and Proxy versions 2.8.4 and later; 2.10.0 and later; 2.11.0 and later; 2.12.0 and later; 2.13.0 and later; 3.0.0 and later; 3.1.0 and later; 3.2.0 and later; 3.
Update to version 2.10.0 has been released to fix this issue. Incorrect Input Validation Vulnerability in Apache Pulsar Proxy with Remote Code Execution Vulnerability In Apache Pulsar Proxy component, the input validation of the username and password fields is performed in the URLDecode() function. An attacker could exploit
The Apache Pulsar Broker, Proxy, and WebSocket Proxy clients communicate with each other over a secured connection using the pulsar+ssl protocol. The SSL/TLS protocol provides hostname verification, which is the process of verifying that the server with which the client is communicating is the server that the client
SFTPGo is susceptible to Cross-site scripting (XSS) vulnerabilities in the WebClient component. According to the vendor, these vulnerabilities have been fixed in version 2.3.5. No known workarounds exist. SFTPGo is susceptible to Cross-site scripting (XSS) vulnerabilities in the WebClient component. According to the vendor, these vulnerabilities have been
A memory leak was discovered in AP4_File::Write in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. A memory leak was discovered in AP4_File::Close in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial
A vulnerability has been identified in Parasolid V33.1 (All versions V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 V33.1.263), Parasolid V34.0 (All versions V34.0.252), Parasolid V34.1 (All versions V34.1.242), Parasolid V35.0 (All versions V35.0.161), Parasolid
To fix this vulnerability, we strongly recommend users upgrade to Apache Calcite 1.32.0 or a newer version. In case you are currently using a previous version, then you should disable any of the operators mentioned above (which are enabled by default) in your application configuration. If you have
An attacker can exploit this vulnerability by sending a malicious request to the targeted server. An attacker can then send this malicious request to the targeted server. If the server accepts the connection and process the malicious request, the targeted server will receive the request and attempt to process it.