EUVD-2020-6076

Malware in sbrugna...

EUVD-2014-3607

Malware in sbrugna...

PT-2025-40966

Name of the Vulnerable Software and Affected Versions Kibana versions 5.3 through 8.7 Description Several cross-site scripting XSS issues have been disclosed by Elastic in Kibana. These issues could potentially allow for malicious code execution within the application. A search on Netlas.io using...

CVE-2024-41910

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used...

Joomla! patches XSS flaws that could lead to remote code execution

On February 20, Joomla! posted details about four vulnerabilities it had fixed in its Content Management System CMS, and one in the Joomla! Framework that affects the CMS. Joomla! is an open-source CMS that’s been around since 2005, and has been one of the most popular CMS platforms by market sha...

1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications 1CRM On-Premise Software 8.5.7 Stored XSS //////////////////////////////////////////////////////////////////////////////////// Exploit Title: 1CRM On-Premise Software 8.5.7 - Cross-Site Scripting Date: 19/07/2019 Exploit Author: Kusol...

Scientific Linux Security Update : pki-core on SL6.x i386/x86_64 (20150722)

Multiple cross-site scripting flaws were discovered in the Red Hat Certificate System Agent and End Entity pages. An attacker could use these flaws to perform a cross-site scripting XSS attack against victims using the Certificate System's web interface. CVE-2012-2662 This update also fixes the...

CentOS 6 : ipa (CESA-2015:1462)

Updated ipa packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

ipa security update

CentOS Errata and Security Advisory CESA-2015:1462 Updated ipa packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

RHEL 6 : ipa (RHSA-2015:1462)

Updated ipa packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Oracle Linux 7 : ipa (ELSA-2015-0442)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0442 advisory. - CVE-2014-7850 freeipa: XSS flaw can be used to escalate privileges 1165774 - CVE-2014-7828 freeipa: password not required when OTP in use 1160877...

RHEL 7 : ipa (RHSA-2015:0442)

Updated ipa packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Moderate: Red Hat Security Advisory: Red Hat Satellite 5.7.0 General Availability

Red Hat Satellite 5.7.0 is now available. Updated packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Satellite 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVS...

openstack-horizon: multiple XSS flaws

Cross-site scripting XSS vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a networ...

Moderate: Red Hat Security Advisory: python-django-horizon security, bug fix, and enhancement update

Updated python-django-horizon packages that fix three security issues, multiple bugs, and add an enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate...

RHEL 6 : MRG (RHSA-2012:0477)

An updated MRG Management Console package that fixes several security issues is now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

RHEL 6 : Red Hat JBoss Web Server 2.0.1 update (Moderate) (RHSA-2013:1012)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1012 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

openSUSE Security Update : horde4-kronolith (openSUSE-SU-2012:1625-1)

This version update to version 3.0.18 addresses bnc791184: Two sets 3.0.17 and 3.0.18 of XSS flaws CVE-2012-5566 and CVE-2012-5567 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : phpMyAdmin (openSUSE-SU-2012:1507-1)

This update of phpMyAdmin is a version upgrade to 3.5.3.0 to fix multiple XSS flaws. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-790. The text description of this plugin is C...

Red Hat JBoss Enterprise Application Platform 6.1.0 Security Update (RHSA-2013:1843)

The version of JBoss Enterprise Application Platform running on the remote system is affected by multiple cross-site scripting flaws in the GateIn Portal component. This could allow a remote attacker to manipulate a logged in user into visiting a specially crafted URL, thereby executing an...