1614 matches found
Error: "An error occurred during refresh" when opening StoreFront console
An error occurred during refresh. System.InvalidOperationException: Sequence contains more than one element...
SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2018:3868-1)
java-180-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries : - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTI...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager
Summary IBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin:...
SUSE-SU-2018:3920-1 Security update for java-1_7_0-ibm
java-170-ibm is updated to Java 7.0 Service Refresh 10 Fix Pack 35 bsc1116574: Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM...
Security update for MozillaThunderbird (important)
This update for Mozilla Thunderbird to version 60.2.1 fixes multiple issues. Multiple security issues were fixed in the Mozilla platform as advised in MFSA 2018-25 and MFSA 2018-28. In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading...
Mozilla: Use-after-free in driver timers
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2.1...
Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...
Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...
CVE-2018-12377
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2.1...
DEBIAN-CVE-2018-12377
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2.1...
CVE-2018-11083
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...
Authentication flaw
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...
CVE-2018-11083
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...
CVE-2018-11083 Bosh accepts refresh tokens in place of an access token
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access...
CVE-2018-11083: BOSH accepts refresh token as access token | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using bosh-release versions prior to: v264 prior to v264.14.0 v265 prior to v265.7.0 v266 prior to v266.8.0 v267 prior to v267.2.0 Description BOSH allows refresh tokens to be used as access tokens...
Security Bulletin: A Security Vulnerability affects IBM Cloud Private Cloud Foundry (CVE-2018-11047)
Summary IBM Cloud Private Cloud Foundry is vulnerable to a security vulnerability Vulnerability Details CVEID: CVE-2018-11047 DESCRIPTION: Cloud Foundry uaa and uaa-release could allow a remote attacker to bypass security restrictions, caused by an issue with accepting refresh token as access...
Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...
Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...
Mozilla Firefox Memory Misreference Vulnerability (CNVD-2018-21815)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation.Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. refresh driver timers is one of the timer components. A memory misreference vulnerability exists in Mozilla...
UBUNTU-CVE-2018-12377
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2.1...