55 matches found
EUVD-2020-20317
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-3550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a...
CVE-2023-3550
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
DEBIAN-CVE-2023-3550
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
Design/Logic Flaw
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
UBUNTU-CVE-2023-3550
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
MediaWiki 跨站脚本漏洞
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. An input validation error vulnerability exists in Mediawiki version v1.40.0 that stems from not validating...
SUSE CVE-2015-0804
The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrain a data type after omitting namespace validation during certain tree-binding operations, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via a...
Debian: Security Advisory (DSA-4890-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4890-1] ruby-kramdown security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4890-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 12, 2021 https://www.debian.org/security/faq -...
CVE-2020-27816
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link kibana console to different one, created based on the new CR for the new kibana resource. This could lead to an...
CVE-2020-27816
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link kibana console to different one, created based on the new CR for the new kibana resource. This could lead to an...
Design/Logic Flaw
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link kibana console to different one, created based on the new CR for the new kibana resource. This could lead to an...
Red Hat OpenShift Elasticsearch-operator Input Validation Error Vulnerability
Red Hat OpenShift Elasticsearch-operator is a software from Red Hat USA for use in OpenShift to support interaction with Elasticsearch. A security vulnerability exists in elasticsearch-operator-container versions prior to 4.7 that stems from not validating the namespace in which a kibana logging...
IBM Cognos Analytics Security Restriction Bypass Vulnerability
IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards, and scorecards, and can be used to help companies adjust their decision-making by analyzing key factors and key stakeholders, etc...