dapperdepotmenswear.com Cross Site Scripting vulnerability OBB-3429882

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

[SECURITY] Fedora 36 Update: golang-sourcegraph-appdash-0-0.10.20210113gitebfcffb.fc36

Appdash is an application tracing system for Go, based on Google's Dapper and Twitter's Zipkin. Appdash allows you to trace the end-to-end handling of requests and operations in your application for perf and debugging. It displays timings and application-specific metadata for each step, and it...

Fedora: Security Advisory for golang-sourcegraph-appdash (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-sourcegraph-appdash-0-0.9.20210113gitebfcffb.fc35

Appdash is an application tracing system for Go, based on Google's Dapper and Twitter's Zipkin. Appdash allows you to trace the end-to-end handling of requests and operations in your application for perf and debugging. It displays timings and application-specific metadata for each step, and it...

Fedora: Security Advisory for golang-sourcegraph-appdash (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2008-6548

The rst parser parser/textrst.py in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors...

CVE-2008-2955

Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...

CVE-2008-0599

The initrequestinfo function in sapi/cgi/cgimain.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATHTRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI...

CVE-2008-0227

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service crash via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp...

Ubuntu 5.10 : Ubuntu 5.10 installer vulnerability (USN-262-1)

Karl Oie discovered that the Ubuntu 5.10 installer failed to clean passwords in the installer log files. Since these files were world-readable, any local user could see the password of the first user account, which has full sudo privileges by default. The updated packages remove the passwords and...