14 matches found
Amazon Linux 2023 : python3-rpm, rpm, rpm-apidocs (ALAS2023-2024-573)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-573 advisory. A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501,...
apidocs.imaginelearning.com Cross Site Scripting vulnerability OBB-3851224
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-3814
It was found that 3scale's APIdocs does not validate the access token; in the case of an invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure...
Information disclosure
It was found that 3scale's APIdocs does not validate the access token; in the case of an invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure...
CVE-2021-3814
CVE-2021-3814 affects 3scale’s APIdocs. The issue is that token validation is not performed correctly: when an invalid token is presented, the system falls back to session authentication, which can bypass access controls and lead to unauthorized information disclosure. This is described in multip...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-1992)
The remote host is missing an update for the Huawei EulerOS...
apidocs-cli (>=0.0.0 <=2.0.1), assemble-init (=0.1.0) +80 more potentially affected by CVE-2018-3719 via mixin-deep (>=0.1.0 <=1.0.1)
mixin-deep NPM version =0.1.0, =0.0.0, =0.1.0-beta.2, =0.1.0, =0.1.1, =0.1.2, =0.0.1, =0.0.1, =0.1.0, =1.0.2, =0.0.5, =0.2.2, =0.3.0 - create-component =0.1.1 and more Source cves: CVE-2018-3719 Source advisory: OSV:GHSA-3MPR-HQ3P-49H9...
Design/Logic Flaw
The odl-mdsal-apidocs feature in OpenDaylight Helium allows remote attackers to obtain sensitive information by leveraging missing AAA restrictions...
CVE-2015-1857
The odl-mdsal-apidocs feature in OpenDaylight Helium allows remote attackers to obtain sensitive information by leveraging missing AAA restrictions...
CVE-2015-1857
The odl-mdsal-apidocs feature in OpenDaylight Helium allows remote attackers to obtain sensitive information by leveraging missing AAA restrictions...
CVE-2015-1857
CVE-2015-1857 concerns OpenDaylight Helium’s odl-mdsal-apidocs feature, where failure to enforce AAA restrictions enables remote disclosure of sensitive information. Root cause: insufficient authentication/authorization/logging controls. Impact: confidentiality exposure without explicit exploit o...
Oracle Linux 5 : rpm (ELSA-2010-0679)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0679 advisory. - fix CVE-2010-2059, fails to drop SUID/SGID bits on package upgrade 626707 Tenable has extracted the preceding description block directly from the Oracle Linux...
PT-2012-1069 · Kde +3 · Konqueror +4
Name of the Vulnerable Software and Affected Versions: kdelibs version 4.3.4, kdelibs-devel version 4.3.4, kdelibs-debuginfo version 4.3.4, kdelibs-apidocs version 4.3.4, kdelibs-common version 4.3.4. Description: The issue concerns multiple vulnerabilities in the kdelibs package, which can lead to a...
Fedora Core 10 FEDORA-2009-8020 (kdelibs3)
The remote host is missing an update to kdelibs3 announced via advisory FEDORA-2009-8020...