
423 matches found

Github Security Blog
added 2019/05/30 5:23 p.m., 28 views

Cross-Site Scripting in bootbox

All versions of bootbox are vulnerable to Cross-Site Scripting. The package does not sanitize user input in the provided dialog boxes, allowing attackers to inject HTML code and execute arbitrary JavaScript. Recommendation: Sanitize user input being passed to bootbox or consider using an alternativ...

AI score: 5.4
Exploits: 0, References: 4, Affected Software: 1
OpenVAS
added 2019/05/07 12:0 a.m., 81 views

Fedora Update for gnome-boxes FEDORA-2019-e3b2885a25

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

AI score: 8.3
Exploits: 0, References: 2
Fedora
added 2019/04/23 8:15 p.m., 29 views

[SECURITY] Fedora 29 Update: freeradius-3.0.19-1.fc29

The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...

AI score: 2.5
Exploits: 0
Fedora
added 2019/04/17 4:5 p.m., 14 views

[SECURITY] Fedora 30 Update: gnome-boxes-3.32.0.2-2.fc30

gnome-boxes lets you easily create, setup, access, and use: remote machines; remote virtual machines; local virtual machines. When technology permits, set up access for applications on local virtual machines...

AI score: 2
Exploits: 0
Fedora
added 2019/04/05 1:56 a.m., 29 views

[SECURITY] Fedora 28 Update: gnome-boxes-3.28.5-2.fc28

gnome-boxes lets you easily create, setup, access, and use: remote machines; remote virtual machines; local virtual machines. When technology permits, set up access for applications on local virtual machines...

CVSS: 9.8, AI score: 2, EPSS: 0.08156
Exploits: 2
OpenVAS
added 2019/04/05 12:0 a.m., 27 views

Fedora Update for gnome-boxes FEDORA-2019-b2d986c3e9

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

AI score: 8.3
Exploits: 0, References: 2
ThreatPost
added 2019/03/12 4:9 p.m., 110 views

Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes

A previously unknown bug in Microsoft Windows would allow an attacker to spoof Windows dialog boxes that surface when making changes to the Windows registry. This would allow an adversary to plant malware or make other nefarious changes in the registry while getting around Windows’ built-in...

AI score: 1.4
Exploits: 0, References: 5
Tenable Nessus
added 2019/03/04 12:0 a.m., 34 views

Fedora 29 : 2:freerdp / gnome-boxes / pidgin-sipe / remmina (2019-e3b2885a25)

FreeRDP fix for CVE-2018-1000852, Remmina bugfix update and rebuilds for updated FreeRDP. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

CVSS: 9.8, AI score: 6.9, EPSS: 0.08156
Exploits: 2, References: 3
Fedora
added 2019/03/02 1:50 a.m., 33 views

[SECURITY] Fedora 29 Update: gnome-boxes-3.30.3-2.fc29

gnome-boxes lets you easily create, setup, access, and use: remote machines; remote virtual machines; local virtual machines. When technology permits, set up access for applications on local virtual machines...

CVSS: 9.8, AI score: 2, EPSS: 0.08156
Exploits: 2
Citrix
added 2018/10/15 12:0 a.m., 5 views

Black Box on screen on Mac Receiver version 12.9.0, 12.9.1 and Workspace app for Mac 18.08.

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Using XenApp VD Agent 7.15 CU2, we have big black boxes show up on screen during an active ICA sessi...

AI score: 7.1
Exploits: 0
Fedora
added 2018/10/08 3:41 p.m., 30 views

[SECURITY] Fedora 29 Update: openjpeg2-2.3.0-9.fc29

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

CVSS: 6.5, AI score: 4.4, EPSS: 0.02356
Exploits: 1
OPENSUSE Linux
added 2018/08/28 3:10 a.m., 69 views

Security update for libreoffice (moderate)

This update for libreoffice to 6.0.5.2 fixes the following issues: Security issues fixed: - CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by...

CVSS: 5, AI score: 2, EPSS: 0.78905
Exploits: 6, References: 7
CNVD
added 2018/06/28 12:0 a.m., 3 views

LimeSurvey Cross-Site Request Forgery Vulnerability

LimeSurvey (formerly known as PHPSurveyor) is an open source online survey program developed by the LimeSurvey team, which supports survey program development, questionnaire distribution and data collection. A cross-site request forgery vulnerability exists in Boxes in LimeSurvey version...

CVSS: 4.3, AI score: 5, EPSS: 0.0034
Exploits: 1, References: 1
OSV
added 2018/06/26 4:29 p.m., 2 views

CVE-2018-1000513

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting XSS vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have been fixed in 3.6.x...

CVSS: 4.8, AI score: 6.2, EPSS: 0.0071
Exploits: 1, References: 1
OSV
added 2018/06/26 4:29 p.m., 2 views

CVE-2018-1000514

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Request Forgery CSRF vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed in 3.6.x...

CVSS: 4.3, AI score: 5.8, EPSS: 0.0034
Exploits: 1, References: 2
NVD
added 2018/06/26 4:29 p.m., 10 views

CVE-2018-1000513

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting XSS vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have been fixed in 3.6.x...

CVSS: 4.8, AI score: 5.3, EPSS: 0.0071
Exploits: 1, References: 1
Prion
added 2018/06/26 4:29 p.m., 10 views

Cross site scripting

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting XSS vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have been fixed in 3.6.x...

CVSS: 3.5, AI score: 5.4, EPSS: 0.0071
Exploits: 1, References: 1, Affected Software: 1
CNVD
added 2018/04/27 12:0 a.m., 2 views

WSO2 Identity Server dashboard cross-site scripting vulnerability

WSO2 Identity Server is an open source identity service from the U.S. company WSO2; it supports Information Cards, OpenID and the XACML identity framework. dashboard is one of the dashboard components. A cross-site scripting vulnerability exists in dashboard in WSO2 Identity Server version 5.5.0. A remote...

CVSS: 5.4, AI score: 6.3, EPSS: 0.39332
Exploits: 5, References: 1
Metasploit
added 2017/12/21 11:44 p.m., 32 views

Linksys WVBR0-25 User-Agent Command Execution

The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in version 'Linksys WVBR0-25 User-Agent Command Execution', 'Description' = %q The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to...

CVSS: 9.8, AI score: 7.5, EPSS: 0.87929
Exploits: 9
ThreatPost
added 2017/10/11 1:24 p.m., 10 views

iOS Password Prompts are Ripe for Abuse

Apple’s policy to repeatedly ask users for their iTunes password needlessly exposes iOS device owners to possible phishing attacks, according to mobile app developer Felix Krause. Krause’s beef with Apple is that too often and seemingly at random times, popups deliver a dialogue box for users to...

AI score: 0.6
Exploits: 0, References: 3