148 matches found
CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
Cross site scripting
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
UBUNTU-CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
CVE-2022-34009
CVE-2022-34009 affects Fossil 2.18 on Windows. The vulnerability arises from ticket data being stored in a temporary file and the software not properly handling the absence of that file after Windows Defender flags it as malware, enabling a denial-of-service via an XSS payload in a ticket that cr...
CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
CVE-2022-34009
Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...
Fossil 跨站脚本漏洞
Fossil is a simple, highly reliable distributed software configuration management system. A security vulnerability exists in Fossil version 2.18 that stems from ticket data being stored in a temporary file and the product's inability to correctly handle the file's absence after Windows Defender...
PT-2022-21965 · Microsoft · Windows Defender
Name of the Vulnerable Software and Affected Versions: Fossil version 2.18 Description: The issue allows attackers to cause a denial of service, resulting in a daemon crash, by utilizing an XSS payload in a ticket. This happens because ticket data is stored in a temporary file, and the product...
[SECURITY] Fedora 35 Update: reposurgeon-4.31-2.fc35
Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...
[SECURITY] Fedora 36 Update: reposurgeon-4.32-2.fc36
Reposurgeon enables risky operations that version-control systems don't want to let you do, such as editing past comments and metadata and removing commits. It works with any version control system that can export and import git fast-import streams, including git, hg, fossil, bzr, CVS and RCS. It...
Friday Squid Blog: 328-million-year-old Vampire Squid Ancestor Discovered
A fossilized ancestor of the vampire squid -- with ten arms -- was discovered and named Syllipsimopodi bideni after President Biden. Heres the research paper. Note: Vampire squids are not squids. Yes, its weird. As usual, you can also use this squid post to talk about the security stories in the...
buildbot-fossil (=0.3.0), epcpm (>=2019.2.3 <=2021.7.0) +4 more potentially affected by CVE-2022-23607 via treq (>=21.1.0 <=21.5.0)
treq PYPI version =21.1.0, =2019.2.3, =0.0.0, =0.8.0, =0.8.0, =1.0.2, =1.1.2 Source cves: CVE-2022-23607 Source advisory: OSV:PYSEC-2022-26...
buildbot-fossil (>=0.1.0 <=0.3.0), crossbar (=17.3.1) +8 more potentially affected by CVE-2022-23607 via treq (>=17.3.1 <=21.5.0)
treq PYPI version =17.3.1, =0.1.0, =2019.2.3, =0.0.0, =0.8.0, =0.8.0, =1.0.2, =0.100.2, =0.1.0, =0.1.2 Source cves: CVE-2022-23607 Source advisory: OSV:GHSA-FHPF-PP6P-55QC...
Mageia: Security Advisory (MGASA-2021-0491)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0285)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0354)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0042)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...