117 matches found
Security fix for the ALT Linux 8 package postgresql11-1C version 11.5-alt0.M80P.4
11.5-alt0.M80P.4 built Feb. 25, 2020 Alexei Takaseev in task 245913 Feb. 12, 2020 Alexei Takaseev - Fix priv checks for ALTER <object DEPENDS ON EXTENSION Fixes CVE-2020-1720...
Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability (CNVD-2020-04828)
Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution. A cross-site request forgery CSRF vulnerability exists in the Web...
CVE-2018-20489
Removed by vendor...
Cisco Unity Connection Cross-Site Request Forgery Vulnerability
Cross-site request forgery CSRF vulnerability in Cisco Unity Connection 11.50.98 allows remote attackers to hijack the authentication of arbitrary users. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid130013; scriptversion"1.3"; scriptcvsdate"Date: 2019/10/31...
Cisco Unified Communications Manager CVE-2019-12715 Cross Site Scripting Vulnerability
Description Cisco Unified Communications Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
CVE-2019-6655
On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5.1-11.5.9, BIG-IP platforms where AVR, ASM, APM, PEM, AFM, and/or AAM is provisioned may leak sensitive data...
Security fix for the ALT Linux 10 package postgresql13 version 11.5-alt1
Aug. 7, 2019 Alexei Takaseev 11.5-alt1 - 11.5 Fixes CVE-2019-10208, CVE-2019-10209...
CVE-2018-19578
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page...
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...
CVE-2018-19578
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page...
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...
CVE-2018-19578
GitLab EE 11.5 before 11.5.1 is vulnerable to an insecure object reference that allows a user with Reporter privileges to view the Jaeger Tracing Operations page. Root cause: improper access control on the Jaeger operations page. Impact: exposure of tracing page content to users with limited perm...
CVE-2018-19578
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that permits a user with Reporter privileges to view the Jaeger Tracing Operations page...
CVE-2018-19579
Removed by vendor...
CVE-2018-19582
CVE-2018-19582 affects GitLab Enterprise Edition (GitLab EE) on versions 11.4 before 11.4.8 and 11.5 before 11.5.1. The issue is an insecure direct object reference that could allow an unauthorized user to publish another user’s draft merge request comments. The connected documents confirm the af...
CVE-2018-19582
GitLab EE, versions 11.4 before 11.4.8 and 11.5 before 11.5.1, is affected by an insecure direct object reference vulnerability that permits an unauthorized user to publish the draft merge request comments of another user...
PT-2019-18215 · F5 · Big-Ip
Name of the Vulnerable Software and Affected Versions: F5 BIG-IP versions 11.5.1 through 11.6.4 F5 BIG-IP versions 12.1.0 through 12.1.4.1 F5 BIG-IP versions 13.0.0 through 13.1.1.4 F5 BIG-IP versions 14.0.0 through 14.0.0.4 F5 BIG-IP versions 14.1.0 through 14.1.0.5 Description: The issue allows...
Security Bulletin: IBM InfoSphere Data Quality Exception Console is affected by a Reflected XSS (Cross-Site Scripting) vulnerability
Summary A Reflected XSS Cross-Site Scripting vulnerability was addressed by IBM InfoSphere Data Quality Exception Console. Vulnerability Details CVEID: CVE-2019-4238 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed...
CVE-2019-1837
A vulnerability in the User Data Services UDS API of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the management GUI. The vulnerability is due to improper validation of input parameters in the UDS API...
Micro Focus Solutions Business Manager Denial of Service Vulnerability
Micro Focus Solutions Business Manager SBM, Serena Business Manager is a suite of business process automation management solutions from Micro Focus UK. The product is mainly used for process automation, including software development lifecycle and IT business process management. A security...