2321 matches found
CVE-2020-8840
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter...
CVE-2020-8840
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter...
[SECURITY] Fedora 31 Update: nodejs-12.15.0-1.fc31
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
Fedora: Security Advisory for nodejs (FEDORA-2020-3838c8ea98)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
CVE-2020-8615
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions such as blocking legitimate instructors...
CVE-2020-5236 Catastrophic backtracking in regex allows Denial of Service in Waitress
Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like "Bad-header: xxxxxxxxxxxxxxx\x10" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and...
Tutor LMS < 1.5.3 - Cross-Site Request Forgery (CSRF)
Tutor LMS WordPress plugin is vulnerable to Cross-Site Request Forgery CSRF attacks. As the requests for the approval and blocking of instructors are sent using the GET method, the CSRF attack to approve an attacker-controlled instructor account can be performed by having the admin visit...
[SECURITY] Fedora 31 Update: nodejs-12.14.1-3.fc31
Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...
The vulnerability of the display driver (drivers/media/platform/vivid) in Linux operating systems, which allows a hacker to cause a service failure
The vulnerability of the display driver drivers/media/platform/vivid in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures by blocking streams using t...
Imperva Mitigates Exploits of Citrix Vulnerability – Right Out of the Box
On December 17, Citrix issued a Security Bulletin on an unauthenticated remote code execution vulnerability CVE-2019-19781 affecting its Citrix Application Delivery Controller ADC - formerly known as NetScaler ADC - and its Citrix Gateway - formerly known as NetScaler Gateway. At the time of the...
Fedora Update for squid FEDORA-2019-9538783033
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DEBIAN-CVE-2019-20330
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...
CVE-2019-20330
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...
CVE-2019-20330
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...
UBUNTU-CVE-2019-20330
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...
CVE-2019-20330
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...
CVE-2019-20070
On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi aka the Keyword field of the URL Blocking Configuration...
Design/Logic Flaw
On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi aka the Keyword field of the URL Blocking Configuration...