Keycloak version 12.0.1 suffers from a blind server-side request forgery vulnerability.
Apache HTTP Server version 2.4.50 suffers from path traversal and code execution vulnerabilities.
Sonicwall SonicOS version 7.0 suffers from a host header injection vulnerability.
myfactory.FMS versions 7.1-911 and below suffer from a cross site scripting vulnerability.
SolarWinds Kiwi CatTools 3.11.8 – Unquoted Service Path
TextPattern CMS 4.8.7 – Remote Command Execution (RCE) (Authenticated)
TextPattern CMS 4.8.7 – Remote Command Execution (RCE) (Authenticated)
SolarWinds Kiwi CatTools 3.11.8 – Unquoted Service Path
myfactory.FMS versions 7.1-911 and below suffer from a cross site scripting vulnerability.
Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the…