313 matches found

Fedora
added 2020/12/05 1:40 a.m., 31 views

[SECURITY] Fedora 33 Update: fossil-2.12.1-1.fc33

Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface...

8.8 CVSS, 2.7 AI score, 0.03122 EPSS
Exploits 0

Fedora
added 2020/12/05 1:16 a.m., 32 views

[SECURITY] Fedora 32 Update: fossil-2.12.1-1.fc32

Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface...

8.8 CVSS, 2.7 AI score, 0.03122 EPSS
Exploits 0

OpenVAS
added 2020/12/05 12:0 a.m., 17 views

Fedora: Security Advisory for fossil (FEDORA-2020-ac6cf99f87)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8 CVSS, 8.8 AI score, 0.03122 EPSS
Exploits 0, References 2

CVE
added 2020/09/30 8:33 p.m., 61 views

CVE-2020-25830

CVE-2020-25830 affects MantisBT before 2.24.3. The root cause is improper escaping of a custom field name, permitting HTML injection and, if CSP allows, arbitrary JavaScript execution when updating that custom field via bug_actiongroup_page.php. Evidence in multiple sources ties this to an XSS ri...

4.8 CVSS, 5.2 AI score, 0.01682 EPSS
Exploits 1, References 2, Affected Software 1

UbuntuCve
added 2020/09/04 12:15 p.m., 27 views

CVE-2019-3881

Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available. If Bundler is used in a scenario where the user does not have a writable home directory, an attacker could pla...

7.8 CVSS, 6.8 AI score, 0.00529 EPSS
Exploits 0, References 4

BDU FSTEC
added 2020/01/13 12:0 a.m., 2 views

The vulnerability of the Jira bug tracking system, related to improper code generation management, allows a violator to execute arbitrary code.

The vulnerability of the Jira bug tracking system is related to improper management of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS, 8.5 AI score, 0.84621 EPSS
Exploits 2, References 5, Affected Software 1

UbuntuCve
added 2019/11/12 8:15 p.m., 19 views

CVE-2010-2488

NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections...

7.5 CVSS, 7.1 AI score, 0.02395 EPSS
Exploits 1, References 2

UbuntuCve
added 2019/09/06 10:0 a.m., 36 views

CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash...

10 CVSS, 7.7 AI score, 0.35736 EPSS
Exploits 3, References 4

Fedora
added 2019/07/13 1:7 a.m., 24 views

[SECURITY] Fedora 30 Update: fossil-2.8-1.fc30

Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface...

9.3 CVSS, 2.7 AI score, 0.02805 EPSS
Exploits 0

CNVD
added 2019/07/10 12:0 a.m., 3 views

JetBrains YouTrack Privilege Vulnerability

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in JetBrains YouTrack. An attacker can exploit the...

9.8 CVSS, 6.9 AI score, 0.01994 EPSS
Exploits 0, References 1

UbuntuCve
added 2019/06/27 5:15 p.m., 32 views

CVE-2019-5828

Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...

8.8 CVSS, 7.2 AI score, 0.01411 EPSS
Exploits 0, References 2

CVE
added 2019/06/06 6:17 p.m., 193 views

CVE-2018-9839

CVE-2018-9839 affects MantisBT up to versions 1.3.14 and 2.0.0. A crafted request to bug_report_page.php altering the m_id parameter can let a user with REPORTER access or higher view private issue details (summary, description, steps, additional information) when cloning. If the user selects Cop...

6.5 CVSS, 6.3 AI score, 0.0124 EPSS
Exploits 1, References 2, Affected Software 1

UbuntuCve
added 2019/04/22 4:29 p.m., 42 views

CVE-2015-1316

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key...

7.5 CVSS, 6.9 AI score, 0.01162 EPSS
Exploits 0, References 1

Kitploit
added 2018/12/12 8:49 p.m., 78 views

Jackhammer - One Security Vulnerability Assessment/Management Tool To Solve All The Security Team Problems

One Security vulnerability assessment/management tool to solve all the security team problems. What is Jackhammer? Jackhammer is a collaboration tool built with an aim of bridging the gap between Security team vs dev team, QA team and being a facilitator for TPM to understand and track the qualit...

7.5 AI score
Exploits 0, References 10

UbuntuCve
added 2018/11/14 3:29 p.m., 22 views

CVE-2018-6070

Lack of CSP enforcement on WebUI pages in Blink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...

6.1 CVSS, 6.9 AI score, 0.00853 EPSS
Exploits 0, References 2

UbuntuCve
added 2018/09/16 2:29 a.m., 22 views

CVE-2018-17076

GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file...

8.8 CVSS, 7.2 AI score, 0.0148 EPSS
Exploits 1, References 2

UbuntuCve
added 2018/08/20 7:31 p.m., 18 views

CVE-2018-1000637

zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in potential denial of service or arbitrary code execution. This attack appears to be exploitable via the victim opening a crafted compressed file. This vulnerability appears to have been fix...

7.8 CVSS, 7 AI score, 0.01675 EPSS
Exploits 0, References 4

Hacker One
added 2018/08/20 5:36 p.m., 30 views

MariaDB: SSRF on jira.mariadb.org

Vulnerabilities in our publicly available issue and bug tracking Jira instance have been reported and resolved to the best of our abilities by upgrading to the latest available Jira software from Atlassian. Yes...

2.8 AI score
Exploits 0

Hacker One
added 2018/08/10 1:10 p.m., 7 views

MariaDB: vulnerable to Cross-site Request Forgery | Jira

Vulnerabilities in our publicly available issue and bug tracking Jira instance have been reported and resolved to the best of our abilities by upgrading to the latest available Jira software from Atlassian...

2.8 AI score
Exploits 0

UbuntuCve
added 2018/06/07 1:29 p.m., 32 views

CVE-2018-7689

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions...

7.1 CVSS, 6.8 AI score, 0.01208 EPSS
Exploits 0, References 3