
7513 matches found

Hacker One
added 2020/05/24 6:37 p.m., 12 views

ownCloud: File System Monitoring Queue Overflow

In the source code "owncloud/client", in the file "src/gui/folderwatcherlinux.cpp", in the function "void FolderWatcherPrivate::inotifyRegisterPath(const QString &path)", the file paths are set for monitoring by calling "inotify_add_watch": int wd = inotify_add_watch(fd, path.toUtf8().constData(),...

AI score 0.9
Exploits: 0

OSV
added 2020/05/21 9:8 p.m., 0 views

GHSA-CC94-3V9C-7RM8 Apache ActiveMQ webconsole admin GUI is open to XSS

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 7.1, EPSS 0.06208
Exploits: 0, References: 14

NVD
added 2020/05/14 5:15 p.m., 13 views

CVE-2020-1941

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 6.3, EPSS 0.06208
Exploits: 0, References: 8

OSV
added 2020/05/14 5:15 p.m., 30 views

CVE-2020-1941

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 6.4, EPSS 0.06208
Exploits: 0, References: 8

OSV
added 2020/05/14 5:15 p.m., 2 views

DEBIAN-CVE-2020-1941

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 7.4, EPSS 0.06208
Exploits: 0, References: 1

Prion
added 2020/05/14 5:15 p.m., 27 views

Open redirect

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 4.3, AI score 7.4, EPSS 0.06208
Exploits: 0, References: 8, Affected Software: 7

UbuntuCve
added 2020/05/14 5:15 p.m., 31 views

CVE-2020-1941

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 6.9, EPSS 0.06208
Exploits: 0, References: 2

OSV
added 2020/05/14 5:15 p.m., 1 view

UBUNTU-CVE-2020-1941

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 6.8, EPSS 0.06208
Exploits: 0, References: 3

Debian CVE
added 2020/05/14 4:29 p.m., 33 views

CVE-2020-1941

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVSS 6.1, AI score 7.4, EPSS 0.06208
Exploits: 0

CVE
added 2020/05/14 4:29 p.m., 171 views

CVE-2020-1941

CVE-2020-1941 affects Apache ActiveMQ (versions 5.0.0–5.15.11). The connected Nessus entry for this CVE confirms an XSS flaw in the ActiveMQ web console (admin GUI) specifically in the view that lists the contents of a queue. Root cause details are not elaborated beyond the XSS indication in the ...

CVSS 6.1, AI score 6, EPSS 0.06208
Exploits: 0, References: 8, Affected Software: 1

Positive Technologies
added 2020/05/14 12:0 a.m., 2 views

PT-2020-3257 · Apache · Apache Activemq

Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ versions 5.0.0 through 5.15.11. Description: The issue is related to a lack of input data sanitization in the webconsole admin GUI of Apache ActiveMQ, which makes it susceptible to cross-site scripting (XSS) attacks. Specifically...

CVSS 6.4, AI score 6.8, EPSS 0.06208
Exploits: 0, References: 27

BDU FSTEC
added 2020/05/13 12:0 a.m., 1 view

The vulnerability of the Linux systemd initialization process, related to the access to memory after it is freed, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Linux systemd initialization process is related to an error in the handling of the queue after it is freed from memory. Asynchronous Polkit requests are executed when processing dbus messages. Exploiting this vulnerability allows an attacker to gain access to confidential...

CVSS 5.3, AI score 6.4, EPSS 0.0046
Exploits: 0, References: 18, Affected Software: 6

OSV
added 2020/04/24 4:15 p.m., 2 views

CVE-2020-4267

IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user to cause a denial of service due to a memory leak. IBM X-Force ID: 175840...

CVSS 6.5, AI score 6.3
Exploits: 0, References: 2

IBM Security Bulletins
added 2020/04/22 9:50 a.m., 20 views

Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service attack caused by an authenticated user crafting a malicious message (CVE-2019-4656)

Summary: IBM MQ Appliance is vulnerable to a denial of service attack that would allow an authenticated user to craft a malicious message causing a queue manager to incorrectly mark a queue as damaged, requiring a restart to continue processing against the queue. Vulnerability Details: CVEID:...

CVSS 6.5, AI score 1.6, EPSS 0.01624
Exploits: 0, Affected Software: 1

BDU FSTEC
added 2020/04/22 12:0 a.m., 2 views

The vulnerability of the HandleCursorShape function in the LibVNC library, which allows a hacker to execute arbitrary code.

The vulnerability of the HandleCursorShape function in the LibVNC library is related to buffer overflow in the queue. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10, AI score 7.7, EPSS 0.00713
Exploits: 0, References: 12, Affected Software: 2

Snyk
added 2020/04/17 12:0 a.m., 2 views

Malicious Package

Overview: alephantpublisher-queue is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa. Remediation: Avoid using...

CVSS 8, AI score 5.8
Exploits: 0, References: 2

OSV
added 2020/04/16 4:15 p.m., 2 views

CVE-2020-4338

IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM X-Force ID: 177937...

CVSS 5.5, AI score 6.3, EPSS 0.00315
Exploits: 0, References: 2

OSV
added 2020/04/16 4:15 p.m., 2 views

CVE-2019-4762

IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625...

CVSS 7.5, AI score 6.5, EPSS 0.01741
Exploits: 0, References: 2

CNVD
added 2020/04/16 12:0 a.m., 4 views

Unspecified Vulnerability in Oracle E-Business Suite Universal Work Queue

Oracle E-Business Suite is a set of fully integrated global business management software from the US company Oracle. The software provides customer relationship management, service management, financial management, etc. Universal Work Queue is one of the tools that c...

CVSS 8.2, AI score 8.6, EPSS 0.01282
Exploits: 0, References: 1

OSV
added 2020/04/15 2:15 p.m., 3 views

CVE-2020-2818

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVSS 8.2, AI score 7.3, EPSS 0.01282
Exploits: 0, References: 1