128 matches found
BELL-CVE-2019-3902 CVE-2019-3902 does not affect BellSoft software
Bulletin has no description...
CVE-2022-3902
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing the logs after testing...
CVE-2022-3902
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to unmask webhook secret tokens by reviewing the logs after testing...
CVE-2022-3902
The CVE-2022-3902 issue affects GitLab: versions 9.3–15.4.5, 15.5–15.5.4, and 15.6–15.6.0 are vulnerable to unmasking webhook secret tokens by reviewing logs after testing webhooks. Root cause details are not expanded beyond the description provided, but the vulnerability allows a project maintai...
FreeBSD : Gitlab -- Multiple Vulnerabilities (3cde510a-7135-11ed-a28b-bff032704f00)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3cde510a-7135-11ed-a28b-bff032704f00 advisory. - Gitlab reports: DAST API scanner exposes Authorization headers in vulnerabilities Group IP...
USN-5102-1: Mercurial vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in Mercurial. CVEs contained in this USN include: CVE-2018-17983, CVE-2019-3902. Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted...
Ubuntu: Security Advisory (USN-5102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5102-1: Mercurial vulnerabilities
It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...
Ubuntu 18.04 LTS : Mercurial vulnerabilities (USN-5102-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-1 advisory. It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the targets...
Advisory ROSA-SA-2021-1918
Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...
SUSE: Security Advisory (SUSE-SU-2020:3902-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1709-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial of Service Vulnerability in D-Link Router COVR-3902
The COVR-3902 is a router from D-Link. A denial of service vulnerability exists in the D-Link router COVR-3902, which can be exploited by attackers to cause a denial of service attack...
SUSE-SU-2020:3003-1 Security update for mercurial
This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035...
CentOS 7 : libtiff (RHSA-2020:3902)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3902 advisory. - TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior...
Oracle Linux 7 : libtiff (ELSA-2020-3902)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3902 advisory. - Fix CVE-2019-17546 Resolves: 1771371 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...
RHEL 7 : libtiff (RHSA-2020:3902)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3902 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: integer...
Hardcoded credentials
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration...
CVE-2018-20432
CVE-2018-20432 affects D-Link COVR-2600R and COVR-3902 Kit prior to firmware version 1.01b05Beta01. The issue is hardcoded credentials for the telnet service, enabling unauthenticated privileged access and potential data extraction or configuration modification. A PoC exists showing steps to reve...