50 matches found
CVE-2020-7976
GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control...
CVE-2019-18449
An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the autocomplete feature. It has Insecure Permissions issue 2 of 2...
Design/Logic Flaw
An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions...
Apple TV < 12.4 Multiple Vulnerabilities
According to its banner, the version of Apple TV on the remote device is prior to 12.4. It is therefore affected by multiple vulnerabilities as described in HT210351. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid127048; scriptversion"1.6";...
PT-2017-2992 · Cisco · Cisco Ios
Name of the Vulnerable Software and Affected Versions: Cisco IOS versions 12.4 through 15.6 Description: The issue is due to insufficient input validation when handling CIP packets, allowing a remote attacker to cause a device reload and denial of service DoS using a specially crafted CIP packet...
Apple iTunes Arbitrary Code Execution Vulnerability - Windows
Apple iTunes is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:itunes"...
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
Cisco IOS 12.423 - HTTP Server Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/33625/info Cisco IOS HTTP Server is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the...
Cisco XSS / XSRF Vulnerabilities
There was a Cisco Product Security Incident Response Team PSIRT advisory recently concerning some XSS/CSRF holes in the IOS.. quote Document ID: 98605 http://www.cisco.com/warp/public/707/cisco-sr-20090114-http.shtml Revision 1.0 For Public Release 2009 January 14 1600 UTC GMT Cisco Response: "Tw...
Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/33625/info Cisco IOS HTTP Server is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
PT-2007-3905 · Cisco · Cisco Ios
Name of the Vulnerable Software and Affected Versions: Cisco IOS versions 11.3 through 12.4 Description: The issue allows remote attackers to execute arbitrary code and have other impacts, including reading the startup-config. This can be achieved by sending a crafted MKD command that involves...