114 matches found
CVE-2025-2255 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site Scripting attacks XSS. for AppSec...
Linux Distros Unpatched Vulnerability : CVE-2022-2255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP...
CVE-2024-2255
The CVE concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. It describes a Stored XSS flaw in the plugin’s widgets due to insufficient input sanitization and output escaping on user-supplied attributes (e.g., listStyle) in versions up to 4.5.2. Ex...
Advisory ROSA-SA-2024-2363
Software: modwsgi 4.6.4 OS: ROSA Virtualization 2.1 packageevrstring: modwsgi-4.6.4-4.rv3.1c CVE-ID: CVE-2022-2255 BDU-ID: 2022-05209 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the modwsgi module of the Apache web server is related to errors in the processing of the X-Client-IP header...
CVE-2013-2255
creationtimestamp| type| source ---|---|--- 2024-02-01 16:11:51+00:00| seen| https://t.me/ctinow/177640...
SUSE SLED12: atk-devel / atk-doc / atk-lang / dragonbox-devel / fixmath-devel / etc (SUSE-SU-2024:0075-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0075-1 advisory. libreoffice: - Version update from 7.3.6.2 to 7.5.4.1 jscPED-3561, jscPED-3550, jscPED-1785: For the highlight...
SUSE: Security Advisory (SUSE-SU-2024:0075-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202311-15 : LibreOffice: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202311-15 LibreOffice: Multiple Vulnerabilities - Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will...
libreoffice security update
6.4.7.2-15.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-15 - Resolves: rhbz2210191 CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing - Resolves: rhbz2210195...
Oracle Linux 9 : libreoffice (ELSA-2023-6508)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6508 advisory. - Resolves: rhbz2210193 CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing - Resolves: rhbz2210197 CVE-2023-2255 libreoffice: Remote documents...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
ALSA-2023:6933 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
libreoffice security update
7.1.8.1-11.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-11 - Resolves: rhbz2210193 CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing - Resolves: rhbz2210197...
ALSA-2023:6508 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
Amazon Linux 2 : mod_wsgi (ALASHTTPD_MODULES-2023-001)
It is, therefore, affected by a vulnerability as referenced in the ALAS2HTTPDMODULES-2023-001 advisory. A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI...
Debian dla-3526 : fonts-opensymbol - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3526 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3526-1 [email protected]...
Debian: Security Advisory (DLA-3526-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3526-1] libreoffice security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3526-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 13, 2023 https://wiki.debian.org/LTS -...