python-bugzilla has improper validation of X.509 certificates
python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate...
GHSA-RPX6-HP2H-GWW4 Jenkins Bugzilla Plugin stores credentials in plain text
Jenkins Bugzilla Plugin stores credentials unencrypted in its global configuration file hudson.plugins.bugzilla.BugzillaProjectProperty.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...
Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.4 security updates and bug fixes
Red Hat Advanced Cluster Management for Kubernetes 2.4.4 General Availability release images. This update provides security fixes, bug fixes, and updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...
abelardoluz.sc.gov.br Cross Site Scripting vulnerability OBB-2587265
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: abelardoluz.sc.gov.br. Open Bug...
CVE-2021-4207
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest-controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...
CVE-2022-29869
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file...
CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges...
nbc.gov.bt Cross Site Scripting vulnerability OBB-2556392
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: nbc.gov.bt. Open Bug Bounty...
abelardoluz.sc.gov.br Cross Site Scripting vulnerability OBB-2537941
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: abelardoluz.sc.gov.br. Open Bug...
All Vulnerabilities for dashboard.dotrmrt3.gov.ph Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: dashboard.dotrmrt3.gov.ph. Open...
celsoramos.sc.gov.br Cross Site Scripting vulnerability OBB-2521716
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: celsoramos.sc.gov.br. Open Bug...
CVE-2022-1304
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem...
nbc.gov.bt Cross Site Scripting vulnerability OBB-2510724
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: nbc.gov.bt. Open Bug Bounty...
All Vulnerabilities for paulofrontin.pr.gov.br Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: paulofrontin.pr.gov.br. Open Bug...
SUSE SLED15 / SLES15 Security Update : libsolv, libzypp, zypper (SUSE-SU-2022:1157-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1157-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
All Vulnerabilities for eca.europa.eu Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: eca.europa.eu. Open Bug Bounty...
All Vulnerabilities for vacina.natal.rn.gov.br Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: vacina.natal.rn.gov.br. Open Bug...
nbc.gov.bt Cross Site Scripting vulnerability OBB-2490447
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: nbc.gov.bt. Open Bug Bounty...
celsoramos.sc.gov.br Cross Site Scripting vulnerability OBB-2490308
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: celsoramos.sc.gov.br. Open Bug...