SUSE CVE-2020-8021

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5...

PT-2022-16824 · Unknown +1 · Icinga Web 2 +1

Name of the Vulnerable Software and Affected Versions: Icinga Web 2 versions prior to 2.8.6 Icinga Web 2 versions prior to 2.9.6 Icinga Web 2 versions prior to 2.10 Description: Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, wit...

PT-2022-5941 · Hostap +7 · Hostapd +7

Name of the Vulnerable Software and Affected Versions: hostapd versions prior to 2.10 wpa supplicant versions prior to 2.10 Description: The issue is related to the implementations of EAP-pwd in hostapd and wpa supplicant, which are vulnerable to side-channel attacks due to cache access patterns...

PT-2019-11592 · Red Hat +1 · Spacewalk +1

Name of the Vulnerable Software and Affected Versions: Spacewalk versions prior to 2.10 Description: The issue arises from the unsafe computation of client token checksums. An attacker with a valid but expired authenticated set of headers could manipulate the session validity without altering the...

CVE-2016-6523

Multiple cross-site scripting XSS vulnerabilities in the media manager in Dotclear before 2.10 allow remote attackers to inject arbitrary web script or HTML via the 1 q or 2 linktype parameter to admin/media.php...

Mozilla: Information disclosure though Windows file shares and shortcut files (MFSA 2012-37)

Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut aka .lnk file for display within an IFRAME...