4499 matches found
CVE-2020-12283
Sourcegraph before 3.15.1 is affected by an improper validation in the SafeRedirectURL method (cmd/frontend/auth/redirect.go), leading to a vulnerable authentication workflow (example: //foo//example.com). The issue is tied to the authentication redirect logic and can enable an open redirect/auth...
CVE-2020-12283
Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of improper validation in the SafeRedirectURL method in cmd/frontend/auth/redirect.go, such as for the //foo//example.com substring...
CVE-2020-5565
Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'...
Input validation
Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'...
Cybozu Garoon Input Validation Error Vulnerability (CNVD-2020-26658)
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An input validation error vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.10.3. A remote attacker...
Applied ThreadFix: Effective security team collaboration
Modern enterprises are distributed. Most ThreadFix deployments have stakeholders spanning development and security teams and those team members are spread around the globe. To support these distributed organizations, ThreadFix has a number of collaboration features that make teams more efficient...
Description of the SharePoint Designer 2010 update: March 12, 2013
Description of the SharePoint Designer 2010 update: March 12, 2013 INTRODUCTION Microsoft has released an update for Microsoft SharePoint Designer 2010. This update provides the latest fix for the 32-bit and 64-bit editions of SharePoint Designer 2010. Additionally, this update contains stability...
Unspecified Vulnerability in Oracle E-Business Suite Workflow (CNVD-2020-24056)
Oracle E-Business Suite is a set of fully integrated global business management software from the US company Oracle. The software provides customer relationship management, service management, financial management and other functions. Workflow E-Business Suite is one...
CVE-2020-2753
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Notification Mailer. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-2753
Technical details about CVE-2020-2753 are not publicly available in the provided connected documents; monitor for updates.
SUSE SLES12 Security Update : git (SUSE-SU-2020:0992-1)
This update for git fixes the following issues : Security issue fixed : CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host bsc1168930. Non-security issue fixed : git was updated to 2.26.0 f...
Service Update 0.14 for Microsoft Dynamics 365 9.0
Service Update 0.14 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.14 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.14. MORE INFORMATION Update package| Version number ---|---...
MS15-036: Description of the security update for SharePoint Server 2013: April 14, 2015
Resolves vulnerabilities in Microsoft Office server and productivity software that could allow elevation of privilege if an attacker sends a specially crafted request to an affected SharePoint Server. Introduction This security update resolves elevation of privilege vulnerabilities that exist when...
MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016
MS16-088: Description of the security update for SharePoint Foundation 2013: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, s...
Argo Authorization Issue Vulnerability (CNVD-2020-27456)
Argo is an open source container native workflow engine. Argo suffers from an authorization issue vulnerability that stems from the program not implementing anti-automation protections. An attacker could use this vulnerability to brute-force break the administrator password...