24 matches found
CVE-2019-11521
OX App Suite 7.10.1 allows Content Spoofing...
CVE-2019-7159
OX App Suite 7.10.1 and earlier allows Information Exposure...
EUVD-2019-16709
Malware in sbrugna...
EUVD-2019-5472
Malware in sbrugna...
EUVD-2019-5474
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-22132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store t...
CVE-2024-41629
An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials...
Texas Instruments Fusion Digital Power Designer 7.10.1 Credential Disclosure
Insufficiently Protected Credentials in Texas Instruments Fusion Digital Power Designer v.7.10.1 Credit: Gionathan Armando Reale...
PT-2024-29471 · Texas Instruments · Texas Instruments Fusion Digital Power Designer
Name of the Vulnerable Software and Affected Versions: Texas Instruments Fusion Digital Power Designer version 7.10.1 Description: The issue allows a local attacker to obtain sensitive information via the plaintext storage of credentials. This is due to insufficiently protected credentials in the...
$5,500 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in LayerSlider WordPress Plugin
On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in LayerSlider, a WordPress plugin with more than 1,000,000 estimated active installations. This vulnerability can be leveraged to extract sensitive data fro...
Moderate: Red Hat Security Advisory: Red Hat Fuse 7.10.1 release and security update
A minor version update from 7.10 to 7.10.1 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scori...
GHSA-5FVX-2JJ3-6MFF Insufficiently Protected Credentials in Elasticsearch
Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...
Design/Logic Flaw
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory...
PT-2021-14860 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch versions 7.7.0 through 7.10.1 Description: The issue is an information disclosure flaw in the async search API. When an async search is executed, HTTP headers are improperly stored. An Elasticsearch user with read access to the...
CVE-2019-14227
OX App Suite 7.10.1 and 7.10.2 allows XSS...
CVE-2019-14227
OX App Suite 7.10.1 and 7.10.2 allows XSS...
CVE-2019-14225
OX App Suite is affected by a Server-Side Request Forgery (SSRF) in the backend for versions 7.10.1 and 7.10.2. Root cause details are not fully described beyond the SSRF label, but fixed versions are 7.10.0-rev33, 7.10.1-rev17, and 7.10.2-rev9. Exploit status is not provided beyond the advisory ...
CVE-2019-14227
Open-Xchange OX App Suite is affected by CVE-2019-14227 (XSS) in versions 7.10.1 and 7.10.2. The vulnerability stems from insufficient validation of client-side data in the WEB application, enabling cross-site scripting. Reported in multiple sources, with remediation provided by vendor fixes: 7.1...
CVE-2019-11806
OX App Suite affected: Open-Xchange OX App Suite, versions 7.10.1 and earlier. Root cause: insecure permissions leading to potential information exposure. CVSS (3.0) indicates local access, low privileges required, Confidentiality impact: Low; Integrity/Availability not affected. Exploitation sta...
Open-Xchange (OX) App Suite Access Control Vulnerability (Bug ID 61315)
Open-Xchange OX App Suite is prone to an access control vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...