CVE-2020-12755

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password...

CVE-2020-12755

CVE-2020-12755 affects KDE kio-extras (fishProtocol::establishConnection in fish/fish.cpp) through version 20.04.0. The vulnerability may cause a cacheAuthentication call even when keepPassword is not set, potentially leading to unintended storage of passwords in KWallet. Connected documents cons...

CVE-2020-12755

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password...

CVE-2020-11724

An issue was discovered in OpenResty before 1.15.8.4. ngxhttpluasubrequest.c allows HTTP request smuggling, as demonstrated by the ngx.location.capture API...

CVE-2014-0234

Technical details for CVE-2014-0234 are not publicly available in the provided documents. No affected product/version/impact is specified here. Monitor for updates in the connected sources for exact remediation guidance.

CVE-2014-0234

The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in Openshift Extras before 20130920. NOTE: this m...

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

UBUNTU-CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

Code injection

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

CVE-2012-6114

The CVE-2012-6114 issue affects the git-changelog utility in git-extras 1.7.0. A local user can cause a symlink attack targeting /tmp/changelog or /tmp/.git-effort, enabling overwriting of arbitrary files. The root cause is a symlink/privilege-exacerbated file-write vulnerability in the utility’s...

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on 1 /tmp/changelog or 2 /tmp/.git-effort...

UBUNTU-CVE-2019-17531

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the apache-log4j-extra version 1.2.x jar in the classpath, and an...

Menu Item Extras - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2019-050

This module enables you to handle fields for Custom Menu Links. The module doesn't sufficiently check requests to one of the module controllers if the user has permission 'administer menu'. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create...

Fedora Update for kio-extras FEDORA-2018-2e64407bef

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for dnf-plugins-extras FEDORA-2019-1fccede810

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion

JSPromise::TriggerPromiseReactionsIsolate isolate, Handle reactions, Handle argument, PromiseReaction::Type type DCHECKreactions-IsSmi || reactions-IsPromiseReaction; // We need to reverse the reactions here, since we record them // on the JSPromise in the reverse order. DisallowHeapAllocation...

Google Chrome 72.0.3626.96 / 74.0.3702.0 - JSPromise::TriggerPromiseReactions Type Confusion

JSPromise::TriggerPromiseReactionsIsolate isolate, Handle reactions, Handle argument, PromiseReaction::Type type DCHECKreactions-IsSmi || reactions-IsPromiseReaction; // We need to reverse the reactions here, since we record them // on the JSPromise in the reverse order. DisallowHeapAllocation...