Fedora: Security Advisory for wireshark (FEDORA-2022-9d4aa8a486)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: IBM QRadar Network Packet Capture has released 7.3.1 Patch 1, and 7.2.8 Patch 1 in response to the vulnerabilities known as Spectre and Meltdown.
Summary IBM has released the following 7.3.1 Patch 1 and 7.2.8 Patch 1 for IBM QRadar Network Packet Capture in response to CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5715 CVEID: CVE-2017-5754 Affected Products and Versions IBM...
Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery
A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...
A vulnerability in the relay_cgi.cgi script implementation in the firmware of Dingtian DT-R002 relay devices allows an attacker to bypass security restrictions and gain full control over the device.
The vulnerability in the relay_cgi.cgi script implementation in the Dingtian DT-R002 firmware involves use of the capture-replay technique to bypass authentication procedures. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions and gain ful...
Denial Of Service (DoS)
Chromium is vulnerable to denial of service. The vulnerability exists due to a use after free in the Camera Capture component in the library, allowing an attacker to cause heap corruption via a crafted HTML page, which leads to an application crash...
[SECURITY] Fedora 37 Update: xfce4-screenshooter-1.10.0-1.fc37
The Xfce Screenshooter utility allows you to capture the entire screen, the active window or a selected region. You can set the delay that elapses before the screenshot is taken and the action that will be done with the screenshot: save it to a PNG file, copy it to the clipboard, or open it using...
Fedora: Security Advisory for xfce4-screenshooter (FEDORA-2022-7febff96e0)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-3724
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows...
CVE-2022-3190
A vulnerability was found in Wireshark. This issue occurs due to an infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark, leading to a denial of service via packet injection or crafted capture file...
CVE-2022-41947
CVE-2022-41947 describes a cross-site scripting (XSS) vulnerability in DHIS 2 core where an authenticated user can upload a file containing embedded JavaScript, which could be triggered when another authenticated user opens the file in a browser. Affected versions are DHIS 2 prior to 2.36.12.1, 2...
CVE-2022-41947 Cross-site Scripting with user-uploaded files in dhis2-core
DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. Through various features of DHIS2, an authenticated user may be able to upload a file which includes embedded JavaScript. The user could then potentially trick another authenticated...
CVE-2022-41949
CVE-2022-41949 affects DHIS 2 core. An authenticated DHIS2 user can craft a request that makes the server fetch external resources, enabling a semi‑blind Server-Side Request Forgery (SSRF) in the dhis2-core component. This can allow an attacker to identify vulnerable services not publicly exposed...
CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core
DHIS 2 is an open source information system for data capture, management, validation, analytics and visualization. In affected versions an authenticated DHIS2 user can craft a request to DHIS2 to instruct the server to make requests to external resources like third party servers. This could allow...
CVE-2022-46688
A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers previously configured by Jenkins administrators using attacker-specified credentials IDs obtained through another method,...
Chromium: CVE-2022-4175 Use after free in Camera Capture
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10229-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10229-1 advisory. - Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a...
[SECURITY] Fedora 37 Update: wireshark-4.0.1-1.fc37
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...