GHSA-VJ2J-6G3W-4662 Silverstripe Missing CSRF protection in login form

LoginForm calls disableSecurityToken, which causes a "shared host domain" vulnerability: http://stackoverflow.com/a/15350123...

Hubs Cloud 跨站脚本漏洞

Hubs Cloud is an application for the Hubs community. All the AWS resources needed to host your own immersive space from your company or organization's own account can be created and managed. Hub Cloud has a security vulnerability that allows users to download shared content, specifically HTML and...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2020:3159-1)

"This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.9-11 October 2020 CPU, bsc1177943 - New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector - Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling +...

The vulnerability of the set_host_domain_name function in Cisco Linksys E1200 and Cisco Linksys E2500 router microprogramming systems allows a hacker to gain full control over the vulnerable device.

The vulnerability of the sethostdomainname function libshared.so in Cisco Linksys E1200 and Cisco Linksys E250 router microprogramming systems exists due to the lack of measures taken to neutralize the special elements used in the operating system command. Exploiting this vulnerability can allow ...