Security Advisories
Um Unternehmen vor Hackern und Kriminellen zu schützen, müssen wir sicherstellen, dass unsere Fähigkeiten und Kenntnisse stets auf dem neuesten Stand sind. Deshalb ist die Sicherheitsforschung für unsere Arbeit ebenso wichtig wie der Aufbau einer Security Community zur Förderung des Wissensaustausches. Denn mehr Sicherheit kann nur erreicht werden, wenn viele sie zu ihrer Aufgabe machen.
Unsere CST Academy und das usd HeroLab sind wesentliche Bestandteile unserer Sicherheitsmission. Das Wissen, das wir in unserer praktischen Arbeit und durch unsere Forschung gewinnen, teilen wir in Schulungen und Publikationen. In diesem Zusammenhang veröffentlicht das usd HeroLab eine Reihe von Beiträgen zu aktuellen Schwachstellen und Sicherheitsproblemen – stets im Einklang mit den Leitsätzen unserer Responsible Disclosure Policy.
Immer im Namen unserer Mission: „more security“.
Hier finden Sie die Security Advisories der vergangenen Monate:
06/2025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0030 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Unauthenticated Remote Code Execution
More details: usd-2025-0030
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0029 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Dependency on Vulnerable Third-Party Component (CWE-1395)
More details: usd-2025-0029
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0028 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Incorrect Authorization (CWE-863)
More details: usd-2025-0028
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0027 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Absolute Path Traversal (CWE-36)
More details: usd-2025-0027
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0026 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) (CWE-79)
More details: usd-2025-0026
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0025 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Server-Side Request Forgery (SSRF) (CWE-918)
More details: usd-2025-0025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0024 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Improper Restriction of XML External Entity Reference (CWE-611)
More details: usd-2025-0024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0023 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Plaintext Storage of a Password (CWE-256)
More details: usd-2025-0023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0022 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Absolute Path Traversal (CWE-36)
More details: usd-2025-0022
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0021 | Agorum Core Open
Product: Agorum Core Open
Vulnerability Type: Improper Neutralization of Special Elements used in a Command (Command Injection) (CWE-77)
More details: usd-2025-0021
06/2025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0015 | Vtiger Open Source Edition
Product: Vtiger Open Source Edition
Vulnerability Type: Unrestricted Upload of File with Dangerous Type (CWE-434)
More details: usd-2024-0015
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0016 | Vtiger Open Source Edition
Product: Vtiger Open Source Edition
Vulnerability Type: Unrestricted Upload of File with Dangerous Type (CWE-434)
More details: usd-2024-0016
04/2025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0010 | Element X Android
Product: Element X Android
Vulnerability Type: Improper Export of Android Application Components (CWE-926)
More details: usd-2025-0010
03/2025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2025-0002 | Element Android
Product: Element Android
Vulnerability Type: Broken Access (CWE-284)
More details: usd-2025-0002
02/2025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0014 | Cubro
Product: Cubro EXA48200
Vulnerability Type: Broken Access Control (CWE 749)
More details: usd-2024-0014
10/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0013 | Contao
Product: Contao CMS
Vulnerability Type: Unrestricted Upload of File with Dangerous Type (CWE 434)
More details: usd-2024-0013
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0012 | Contao
Vulnerability Type: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
More details: usd-2024-0012
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0011 | PebbleRoad
Vulnerability Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
More details: usd-2024-0011
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0009 | Oveleon
Product: Oveleon
Vulnerability Type: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
More details: usd-2024-0009
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0008 | Webswing
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0007 | Atlassian
Vulnerability Type: Improper Neutralization of Formula Elements in a CSV File (CWE 1236)
More details: usd-2024-0007
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0005 | Metaways Infosystems
Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
More details: usd-2024-0005
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0004 | SAP
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79 'Stored Cross-site Scripting')
More details: usd-2024-0004
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0003 | SAP
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE 79 - 'Reflected Cross-site Scripting')
More details: usd-2024-0003
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0042 | SAP
Product: SAP Fiori - My Leave Requests
Vulnerability Type: CWE-284: Improper Access Control
More details: usd-2023-0042
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0040 | SAP
Product: SAP Fiori - My Travel and Expenses
Vulnerability Type: CWE-862: Missing Authorization
More details: usd-2023-0040
07/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0033 | hugocms
Vulnerability Type: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
More details: usd-2023-0033
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0034 | hugocms
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0035 | hugocms
Product: hugocms
Vulnerability Type: CWE-352: Cross-Site Request Forgery (CSRF)
More details: usd-2023-0035
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0036 | hugocms
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0037 | hugocms
Vulnerability Type: CWE-913: Improper Control of Dynamically-Managed Code Resources
More details: usd-2023-0037
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0015 | Gitea
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0023 | Gitea
Vulnerability Type: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
More details: usd-2022-0023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0024 | Gitea
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0025 | Gitea
Product: Gitea
Vulnerability Type: CWE-284: Improper Access Control
More details: usd-2022-0025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0026 | Gitea
06/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0007 | AXIS P1364 - Webcam
Product: AXIS P1364 - Webcam
Vulnerability Type: Cross-Site Request Forgery (CWE-352)
More details: usd-2023-0007
05/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0008 | WeKan
Product: WeKan
Vulnerability Type: Broken Access Control (CWE-284)
More details: usd-2023-0008
04/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2024-0002 | Gambio
Vulnerability Type: Weak Password Recovery Mechanism for Forgotten Password (CWE-640)
More details: usd-2024-0002
03/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0029 | SONIX Technology Webcam
Product: SONIX Technology Webcam
Vulnerability Type: Incorrect Permission Assignment for Critical Resource (CWE-732)
More details: usd-2023-0029
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0038 | SAP
Product: SAP Fiori Sample Shop
Vulnerability Type: Improper Access Control (CWE-284)
More details: usd-2023-0038
02/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0027 | FileCloud
Product: FileCloud Drive
Vulnerability Type: Dependency on Vulnerable Third-Party Component (CWE-1395)
More details: usd-2023-0027
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0009 | Zimperium
Product: Zimperium Mobile Threat Defense
Vulnerability Type: Improper Verification of Cryptographic Signature (CWE-347)
More details: usd-2023-0009
01/2024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0046 (CVE-2024-23759) | Gambio
Product: Gambio
Vulnerability Type: Deserialization of Untrusted Data (CWE-502)
More details: usd-2023-0046
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0047 (CVE-2024-23763) | Gambio
Product: Gambio
Vulnerability Type: SQL Injection (CWE-89)
More details: usd-2023-0047
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0048 (CVE-2024-23761) | Gambio
Product: Gambio
Vulnerability Type: Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336)
More details: usd-2023-0048
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0049 (CVE-2024-23762) | Gambio
Product: Gambio
Vulnerability Type: Unrestricted Upload of File with Dangerous Type (CWE-434)
More details: usd-2023-0049
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0050 (CVE-2024-23760) | Gambio
Product: Gambio
Vulnerability Type: Plaintext Storage of Password (CWE-256)
More details: usd-2023-0050
12/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0066 (CVE-2023-23634) | Documize
Product: Documize
Vulnerability Type: SQL Injection (CWE-89)
More details: usd-2022-0066
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0065 (CVE-2023-23633) | Documize
Product: Documize
Vulnerability Type: Broken Access Control (CWE-284)
More details: usd-2022-0065
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2021-0033 (CVE-2022-1274) | Keycloak
Product: Keycloak
Vulnerability Type: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
More details: usd-2021-0033
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0029 | Filerun
Product: Filerun
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0029
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0064 (CVE-2022-47532) | Filerun
Product: Filerun
Vulnerability Type: SQL Injection (CWE-89)
More details: usd-2022-0064
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0051 (CVE-2023-31292) | Planfocus
Product: Planfocus
Vulnerability Type: Insufficient Session Expiration (CWE-613)
More details: usd-2022-0051
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0052 (CVE-2023-31294) | Planfocus
Product: Planfocus
Vulnerability Type: Improper Neutralization of Formula Elements in a CSV File (CWE-1236)
More details: usd-2022-0052
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0053 (CVE-2023-31295) | Planfocus
Product: Planfocus
Vulnerability Type: Improper Neutralization of Formula Elements in a CSV File (CWE-1236)
More details: usd-2022-0053
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0054 (CVE-2023-31296) | Planfocus
Product: Planfocus
Vulnerability Type: Improper Neutralization of Formula Elements in a CSV File (CWE-1236)
More details: usd-2022-0054
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0055 (CVE-2023-31299) | Planfocus
Product: Planfocus
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2022-0055
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0056 (CVE-2023-31302) | Planfocus
Product: Planfocus
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2022-0056
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0057 (CVE-2023-31300) | Planfocus
Product: Planfocus
Vulnerability Type: Weak Password Recovery Mechanism for Forgotten Password (CWE-640)
More details: usd-2022-0057
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0058 (CVE-2023-31297) | Planfocus
Product: Planfocus
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0058
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0059 (CVE-2023-31301) | Planfocus
Product: Planfocus
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0059
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0060 (CVE-2023-31298) | Planfocus
Product: Planfocus
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0060
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0061 (CVE-2023-31293) | Planfocus
Product: Planfocus
Vulnerability Type: Improper Access Control (CWE-284)
More details: usd-2022-0061
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0032 (CVE-2023-43057) | IBM QRadar SIEM
Product: IBM QRadar SIEM
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2023-0032
11/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0025 (CVE-2023-45878) | Gibbon Edu
Product: Gibbon Edu
Vulnerability Type: Arbitrary File Write (CWE-434)
More details: usd-2023-0025
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0024 (CVE-2023-45881) | Gibbon Edu
Product: Gibbon Edu
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2023-0024
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0022 (CVE-2023-45880) | Gibbon Edu
Product: Gibbon Edu
Vulnerability Type: Path-Traversal (CWE-23)
More details: usd-2023-0022
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0019 (CVE-2023-45879) | Gibbon Edu
Product: Gibbon Edu
Vulnerability Type: HTML Injection (CWE-79)
More details: usd-2023-0019
10/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0015 (CVE-2023-38193) | SuperWebMailer
Product: SuperWebMailer
Vulnerability Type: Improper Neutralization of Special Elements used in a Command (CWE-77)
More details: usd-2023-0015
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0014 (CVE-2023-38190) | SuperWebMailer
Product: SuperWebMailer
Vulnerability Type: Improper Neutralization of Special Elements used in an SQL Command (CWE-89)
More details: usd-2023-0014
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0013 (CVE-2023-38194) | SuperWebMailer
Product: SuperWebMailer
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2023-0013
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0012 (CVE-2023-38191) | SuperWebMailer
Product: SuperWebMailer
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2023-0012
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0011 (CVE-2023-38192) | SuperWebMailer
Product: SuperWebMailer
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2023-0011
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0020 (CVE-2023-36806) | Contao
Product: Contao
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2023-0020
09/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0017 | SAP Partner Portal
Product: SAP Partner Portal
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
More details: usd-2023-0017
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0046 (CVE-2023-26457) | SAP HTTP Content Server
Product: SAP HTTP Content Server
Vulnerability Type: Improper Neutralization of HTTP Headers for Scripting Syntax (CWE-644)
More details: usd-2022-0046
08/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0010 | ThingsBoard
Product: ThingsBoard
Vulnerability Type: Server-Side Template Injection (CWE-1336)
More details: usd-2023-0010
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0002 (CVE-2023-41364) | tine Groupware
Product: tine Groupware
Vulnerability Type: SQL-Injection (CWE-89)
More details: usd-2023-0002
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0028 (CVE-2023-29347) | Windows Admin Center
Product: Windows Admin Center
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0028
07/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0004 (CVE-2023-25201) | MultiTech Conduit AP MTCAP2-L4E1
Product: MultiTech Conduit AP MTCAP2-L4E1
Vulnerability Type: CSRF (CWE-352)
More details: usd-2023-0004
06/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0014 | Foswiki
Product: Foswiki
Vulnerability Type: Path Traversal (CWE-23)
More details: usd-2022-0014
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0011 | Foswiki
Product: Foswiki
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0011
05/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0048 (CVE-2022-45144) | Tracim
Product: Tracim
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0048
04/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0034 (CVE-2022-37955) | Microsoft Windows
Product: Microsoft Windows
Vulnerability Type: Improper Link Resolution Before File Access (CWE-59) - Privilege Escalation
More details: usd-2022-0034
03/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0049 | Friendica
Vulnerability Type: Cross-Site Request Forgery (CSRF) (CWE-352)
More details: usd-2022-0049
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0050 | Friendica
Product: Friendica
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2022-0050
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2023-0001 | Friendica
Product: Friendica
Vulnerability Type: Cross-Site Scripting (CWE-79)
More details: usd-2023-0001
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0002 (CVE-2023-28868) | NCP Secure Enterprise Client
Product: NCP Secure Enterprise Client
Vulnerability Type: Improper Access Control (CWE-284) - Arbitrary File Delete
More details: usd-2022-0002
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0003 (CVE-2023-28869) | NCP Secure Enterprise Client
Product: NCP Secure Enterprise Client
Vulnerability Type: Improper Access Control (CWE-284) - Arbitrary File Read
More details: usd-2022-0003
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0004 (CVE-2023-28870) | NCP Secure Enterprise Client
Product: NCP Secure Enterprise Client
Vulnerability Type: Incorrect Default Permissions (CWE-276) - Insecure File Permissions
More details: usd-2022-0004
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0005 (CVE-2023-28871) | NCP Secure Enterprise Client
Product: NCP Secure Enterprise Client
Vulnerability Type: Improper Access Control (CWE-284) - Insecure Registry Export
More details: usd-2022-0005
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0006 (CVE-2023-28872) | NCP Secure Enterprise Client
Product: NCP Secure Enterprise Client
Vulnerability Type: Improper Access Control (CWE-284) - Privilege Escalation
More details: usd-2022-0006
02/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0032 (CVE-2023-28873) | Seafile
Product: Seafile
Vulnerability Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
More details: usd-2022-0032
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0033 (CVE-2023-28874) | Seafile
Product: Seafile
Vulnerability Type: URL Redirection to Untrusted Site (CWE-601)
More details: usd-2022-0033
01/2023
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0030 (CVE-2023-23636) | Jellyfin
Product: Jellyfin
Vulnerability Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
More details: usd-2022-0030
!!nicht bearbeiten!!
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
usd-2022-0031 (CVE-2023-23635) | Jellyfin
Product: Jellyfin
Vulnerability Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
More details: usd-2022-0031