126 matches found
CVE-2022-0870
Gogs (gogs/gogs) prior to version 0.12.5 is affected by a Server-Side Request Forgery (SSRF) vulnerability in the repository migration logic. The issue enables an attacker to trigger SSRF via the affected migration pathway, with reachable impact limited to information exposure or unauthorized int...
CVE-2022-0870
Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...
CVE-2022-0870 Server-Side Request Forgery (SSRF) in gogs/gogs
Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...
CVE-2021-0870
In RWSetActivatedTagType of rwmain.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11...
CVE-2021-0870
CVE-2021-0870 describes a memory corruption race condition in RW_SetActivatedTagType (rw_main.cc) that could allow remote code execution with no privileges required and no user interaction. Affected: Android 9, 10, 11, and 8.1. CVSSv3 base score 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). Public r...
CVE-2021-0870
creationtimestamp| type| source ---|---|--- 2021-10-05 18:33:20+00:00| seen| https://t.me/tomhunter/357 2021-10-06 15:56:28+00:00| seen| https://t.me/truesecator/2186 2021-10-22 18:39:15+00:00| seen| https://t.me/cibsecurity/31037 2021-12-03 20:01:46+00:00| seen|...
Samba < 3.4.0 Remote Code Execution Vulnerability (CVE-2012-0870)
Ensure AndX offsets are increasing strictly monotonically in pre-3.4 versions. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...
SUSE: Security Advisory (SUSE-SU-2012:0348-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2012:0870-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2012:0515-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2012:0502-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2012:0337-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:0870-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-0870
An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability, an attacker would first have to log on ...
CVE-2020-0870
CVE-2020-0870 is a local, elevation-of-privilege flaw in the Windows Shell infrastructure component caused by improper handling of in‑memory objects. An attacker who can log on and run a crafted application could execute code with elevated privileges. The patch fixes how the Shell infrastructure ...
CVE-2020-0870 Shell infrastructure component Elevation of Privilege Vulnerability
...
Low: Red Hat Security Advisory: python-flask security update
An update for python-flask is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2019-0870
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867,...
Cross site scripting
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0868,...
CVE-2019-0870
Technical details about CVE-2019-0870 are not provided in the connected documents. The available data include a description of an XSS vulnerability in Azure DevOps Server/TFS and CVSS metrics. Monitor for updates.