21 matches found
CVE-2020-10376
Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header...
WordPress Course Redirects for Learndash plugin <= 0.4 - Cross-Site Request Forgery vulnerability
Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin Course Redirects for Learndash versions <= 0.4...
CVE-2014-10376
The i-recommend-this plugin before 3.7.3 for WordPress has SQL injection...
CVE-2019-10376
A reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin 0.6.34 and earlier allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin...
Debian: Security Advisory (DLA-967-1)
The remote host is missing an update for the Debian...
Mageia: Security Advisory (MGASA-2017-0166)
The remote host is missing an update for the...
CVE-2020-10376
CVE-2020-10376 affects Technicolor TC7337NET devices (version 08.89.17.23.03). The issue enables remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header. This reflects a credential disclosure vulnerability exposed over network traffic. No remediati...
CVE-2014-10376
creationtimestamp | type | source
---|---|---
2019-08-17 01:38:06+00:00 | seen | https://t.me/cibsecurity/6199...
CVE-2014-10376
CVE-2014-10376 affects the WordPress plugin i-recommend-this (before version 3.7.3). The vulnerability is a SQL injection in the plugin, allowing potential arbitrary SQL execution with network access and no authentication. CVSS: 3.0 base score 9.8 (CRITICAL) across confidentiality, integrity, and...
CVE-2019-10376
CVE-2019-10376 corresponds to a reflected cross-site scripting vulnerability in Jenkins Wall Display Plugin (versions
Debian DSA-3943-1 : gajim - security update
Gajim, a GTK+-based XMPP/Jabber client, unconditionally implements the 'XEP-0146: Remote Controlling Clients' extension, allowing a malicious XMPP server to trigger commands to leak private conversations from encrypted sessions. With this update XEP-0146 support has been disabled by default and...
[SECURITY] [DSA 3943-1] gajim security update
Debian Security Advisory DSA-3943-1, https://www.debian.org/security/, Salvatore Bonaccorso, August 14, 2017, https://www.debian.org/security/faq...
GLSA-201707-14 : Gajim: Information disclosure
The remote host is affected by the vulnerability described in GLSA-201707-14 Gajim: Information disclosure Gajim unconditionally implements the XEP-0146: Remote Controlling Clients extension. Impact : Remote attackers, by enticing a user to connect to a malicious XMPP server, could extract...
Fedora Update for gajim FEDORA-2017-62547837ba
The remote host is missing an update for the...
Updated gajim packages fix security vulnerability
Gajim unconditionally implements the "XEP-0146: Remote Controlling Clients" extension, which may be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions (CVE-2016-10376)...
openSUSE Security Update : gajim (openSUSE-2017-665)
This update for gajim fixes the following issues: - CVE-2016-10376: XEP-0146 extension can be abused by malicious XMPP servers (boo#1041163). - Update to version 0.16.7: - Better compatibility with XEP-0191: Blocking Command. - Gajim now depends on python-gnupg for PGP encryption. - Remove usage o...
CVE-2016-10376
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...
CVE-2016-10376
Gajim (XMPP client) up to version 0.16.7 unconditionally implements XEP-0146: Remote Controlling Clients, allowing a malicious XMPP server to trigger actions and potentially leak plaintext from OTR sessions. Public advisories (Debian, Gentoo, Fedora) note this behavior and provide patches/mitigat...