8 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-51490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users c...
Linux Distros Unpatched Vulnerability : CVE-2024-51485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens wh...
UBUNTU-CVE-2024-51490
Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. Thi...
UBUNTU-CVE-2024-51485
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change...
PT-2024-34651 · Ampache · Ampache
Name of the Vulnerable Software and Affected Versions: Ampache versions prior to 7.0.1 Description: Ampache is a web-based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog...
PT-2024-39250 · Unknown · Qdocs Smart School Management System
Name of the Vulnerable Software and Affected Versions: QDocs Smart School Management System version 7.0.0 Description: A critical vulnerability was found in the QDocs Smart School Management System. The issue affects an unknown functionality of the file /user/chat/mynewuser of the component Chat...
Information Exposure
Overview kitchen-terraform is a set of Test Kitchen plugins for testing Terraform configuration. Affected versions of this package are vulnerable to Information Exposure due to a regression that caused all Terraform output values, including sensitive values, to be printed at the info logging leve...
PT-2020-6248 · Python Imaging Library +2 · Pillow +2
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.1.0 Pillow versions 7.x prior to 7.0.1 Pillow version 6.2.2 and earlier Description: The issue is related to multiple out-of-bounds reads in the libImaging/FliDecode.c library. This could allow a remote attacker to...