
44 matches found

Prion
added 2023/10/04 9:15 p.m. · 10 views

Authentication flaw

Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possibl...

5 CVSS · 7.8 AI score · 0.00157 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/10/04 8:24 p.m. · 14 views

CVE-2023-43805 Nexkey allows users to bypass authentication of Bull dashboard

Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possibl...

7.5 CVSS · 7.7 AI score · 0.00157 EPSS
Exploits: 0 · References: 5
CVE
added 2023/10/04 8:24 p.m. · 59 views

CVE-2023-43805

Nexkey (Misskey fork) pre-12.121.9 is vulnerable due to incomplete URL validation, allowing bypass of authentication for access to the job queue dashboard. The issue is fixed in version 12.121.9. As a workaround, operators have used access-blocking measures (e.g., WAF rules like Cloudflare) to mi...

7.5 CVSS · 7.8 AI score · 0.00157 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Vulnrichment
added 2023/10/04 8:21 p.m. · 12 views

CVE-2023-43793 Misskey allows users to bypass authentication of Bull dashboard

Misskey is an open source, decentralized social media platform. Prior to version 2023.9.0, by editing the URL, a user can bypass the authentication of the Bull dashboard, which is the job queue management UI, and access it. Version 2023.9.0 contains a fix. There are no known workarounds...

7.5 CVSS · 7 AI score · 0.00214 EPSS
Exploits: 0 · References: 3
CNNVD
added 2023/10/04 12:0 a.m. · 1 views

Nexkey Authorization Issues Vulnerability

Nexkey is an open source, decentralized social media platform for nexryai individual developers. An authorization issue vulnerability exists in Nexkey versions prior to 12.121.9 that stems from allowing an attacker to bypass authentication to access the job queue dashboard...

7.5 CVSS · 7 AI score · 0.00157 EPSS
Exploits: 0 · References: 4
OSV
added 2021/10/11 8:15 a.m. · 22 views

CVE-2021-41801

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...

8.8 CVSS · 6.6 AI score
Exploits: 0 · References: 2
NVD
added 2021/10/11 8:15 a.m. · 14 views

CVE-2021-41801

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...

8.8 CVSS · 0.00378 EPSS
Exploits: 0 · References: 2
UbuntuCve
added 2021/10/11 8:15 a.m. · 24 views

CVE-2021-41801

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...

8.8 CVSS · 6.8 AI score · 0.00378 EPSS
Exploits: 0 · References: 3
Debian CVE
added 2021/10/11 7:40 a.m. · 25 views

CVE-2021-41801

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...

8.8 CVSS · 8.7 AI score · 0.00378 EPSS
Exploits: 0
Cvelist
added 2021/10/11 7:40 a.m. · 15 views

CVE-2021-41801

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...

8.8 AI score · 0.00378 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2019/03/03 12:0 a.m. · 3 views

PT-2021-23414 · Mediawiki +1 · Replacetext Extension +1

Name of the Vulnerable Software and Affected Versions: ReplaceText extension versions 1.41 and earlier for MediaWiki
Description: The issue concerns Incorrect Access Control in the ReplaceText extension for MediaWiki. When a user is blocked after submitting a replace job, the job is still execute...

8.8 CVSS · 5.6 AI score · 0.01215 EPSS
Exploits: 6 · References: 65
Cvelist
added 2015/03/25 2:0 p.m. · 17 views

CVE-2014-9711

Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfix 01 allow remote attackers to inject arbitrary w...

5.8 AI score · 0.00824 EPSS
Exploits: 1 · References: 11
Fedora
added 2012/03/17 11:56 p.m. · 43 views

[SECURITY] Fedora 16 Update: condor-7.7.5-0.2.fc16

Condor is a specialized workload management system for compute-intensive jobs. Like other full-featured batch systems, Condor provides a job queueing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs to Condor,...

4.4 CVSS · 2.1 AI score · 0.00098 EPSS
Exploits: 0
Tenable Nessus
added 2011/11/16 12:0 a.m. · 54 views

Oracle Database Multiple Vulnerabilities (January 2009 CPU)

The remote Oracle database server is missing the January 2009 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components: Job Queue, Oracle OLAP, Oracle Spatial, Oracle Streams, SQLPlus Windows GUI...

5.5 CVSS · 5.4 AI score · 0.51598 EPSS
Exploits: 11 · References: 11
Tenable Nessus
added 2010/11/18 12:0 a.m. · 52 views

Oracle Database Multiple Vulnerabilities (October 2010 CPU)

The remote Oracle database server is missing the October 2010 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components: Enterprise Manager Console, Java Virtual Machine, Change Data Capture, OLAP, Job Queue, XDK, Core RDBMS, Perl...

7.5 CVSS · 6.1 AI score · 0.36531 EPSS
Exploits: 6 · References: 10
NVD
added 2010/10/14 12:0 a.m. · 16 views

CVE-2010-2411

Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMS_IJOB...

4.6 CVSS · 5.6 AI score · 0.00265 EPSS
Exploits: 0 · References: 2
Prion
added 2010/10/14 12:0 a.m. · 17 views

Design/Logic Flaw

Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMS_IJOB...

4.6 CVSS · 6 AI score · 0.00265 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2010/10/13 10:0 p.m. · 19 views

CVE-2010-2411

Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMS_IJOB...

5.6 AI score · 0.00265 EPSS
Exploits: 0 · References: 2
CVE
added 2010/10/13 10:0 p.m. · 92 views

CVE-2010-2411

CVE-2010-2411 affects Oracle Database Server (11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5) with a vulnerability in SYS.DBMS_IJOB that allows remote authenticated users to impact confidentiality, integrity and availability. The vulnerability is listed in the Oracle October 2010 CPU, which fix...

4.6 CVSS · 5.8 AI score · 0.00265 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2009/12/23 6:0 p.m. · 19 views

CVE-2009-4133

Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...

6.3 AI score · 0.01434 EPSS
Exploits: 1 · References: 11