20 matches found
CVE-2025-64682
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
CVE-2025-64682
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
CVE-2025-64682
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
CVE-2025-64682
JetBrains Hub is affected by a race condition in versions prior to 2025.3.104432 that allows bypassing the Agent-user limit. The issue is described across multiple sources as a competitive/ race condition vulnerability in Hub leading to bypass of Agent-user restrictions. The vulnerable component ...
EUVD-2025-44055
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
JetBrains Hub 竞争条件问题漏洞
JetBrains Hub is a web-based application from the Czech company JetBrains. The program is capable of integrating multiple JetBrains team tools together. A Competitive Conditions Issue vulnerability exists in versions of JetBrains Hub prior to 2025.3.104432, which stems from the presence of a...
CVE-2019-12746
An issue was discovered in Open Ticket Request System OTRS Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. A user logged into OTRS as an agent might unknowingly disclose their session ID by sharing the link of an embedded ticket article with third parties. This identifier can be...
CVE-2019-13458
An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to...
MAL-2024-11517 Malicious code in agent-user-generate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 514af1dfd929068fabc7527812b99ec6a287c3601d7cf4ed1d29c55e74339fac Inside the library there is a part running code hidden in the attached image, which then exfiltrate user-provided data, downloads and install next stage code,...
Malicious code in user-random-agent-user (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 593686652ece19b8d2d79006659b8392c347442f9a8403ef1b9f8a8bfa232925 Inside the library there is a part running code hidden in the attached image, which then exfiltrate user-provided data, downloads and install next stage code,...
Malicious code in agent-user-generate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 514af1dfd929068fabc7527812b99ec6a287c3601d7cf4ed1d29c55e74339fac Inside the library there is a part running code hidden in the attached image, which then exfiltrate user-provided data, downloads and install next stage code,...
CVE-2020-1776
When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects OTRS Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and...
Debian DLA-1877-1 : otrs2 security update
Several security issues have been fixed in otrs2, a well known trouble ticket system. CVE-2018-11563 An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets. CVE-2019-12746 A user logged into OTRS as a...
[SECURITY] [DLA 1877-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u11 CVE ID : CVE-2018-11563 CVE-2019-12746 CVE-2019-13458 Several security issues have been fixed in otrs2, a well known trouble ticket system. CVE-2018-11563 An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose...
CVE-2019-9892
An issue was discovered in Open Ticket Request System OTRS 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of...
UBUNTU-CVE-2019-9892
An issue was discovered in Open Ticket Request System OTRS 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of...
CVE-2019-9892
An issue was discovered in Open Ticket Request System OTRS 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of...
CVE-2019-10067
An issue was discovered in Open Ticket Request System OTRS 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the contex...
Debian: Security Advisory (DLA-1774-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors...