15 matches found
EUVD-2008-3932
Malware in sbrugna...
Improper Neutralization of Script in Attributes in @dcl/single-sign-on-client
Impact: Improper input validation in the init function allows arbitrary JavaScript to be executed using the javascript: prefix: SSO.init('javascript:alert("javascript successfully injected")'). Patches: This vulnerability was patched in version 0.1.0. Workarounds: This vulnerability can be prevented if...
CVE-2023-41049 Improper Neutralization of Script in Attributes in @dcl/single-sign-on-client
@dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the init function allows arbitrary javascript to be executed using the javascript: prefix. This vulnerability has been patched on version 0.1.0. Users are...
PT-2023-27760 · Unknown · @Dcl/Single-Sign-On-Client
Name of the Vulnerable Software and Affected Versions: @dcl/single-sign-on-client versions prior to 0.1.0. Description: The issue concerns improper input validation in the init function, allowing arbitrary JavaScript to be executed using the javascript: prefix. This can be exploited by passing...
@commercetools-docs/gatsby-theme-docs (>=0.0.0-canary-20220509155217 <=19.1.0), @dcl/docs-site (>=1.0.0-3010867520.commit-1740972 <=1.0.0-20220919140413.commit-6dee65c) potentially affected by CVE-2022-25863 via gatsby-plugin-mdx (=3.13.0)
gatsby-plugin-mdx NPM version =3.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-mdx and may be impacted: - @commercetools-docs/gatsby-theme-docs =0.0.0-canary-20220509155217, =1.0.0-3010867520.commit-1740972,...
@commercetools-docs/gatsby-theme-docs (>=0.0.0-canary-20220509155217 <=19.1.0), @dcl/docs-site (>=1.0.0-3010867520.commit-1740972 <=1.0.0-20220919140413.commit-6dee65c) potentially affected by CVE-2022-25863 via gatsby-plugin-mdx (=3.13.0)
gatsby-plugin-mdx NPM version =3.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-mdx and may be impacted: - @commercetools-docs/gatsby-theme-docs =0.0.0-canary-20220509155217, =1.0.0-3010867520.commit-1740972,...
GaussDB: Enable DCL Audit
If AUDITLEVEL is set to 2, only Data Control Language (DCL) operations are audited. DCL is used to set or change the permissions for database sessions and objects. DCL operations include COMMIT, ROLLBACK, GRANT, REVOKE, SHUTDOWN, and LOCK TABLE.
ZSQL: Audit Level
Audit logs are important in tracing data, locating faults, and clarifying responsibilities after security events occur. Database audit is configured by setting the AUDITLEVEL parameter. AUDITLEVEL = 0 disables audit logs. If AUDITLEVEL is set to a value greater than 0, audit logs are enabled, and...
CVE-2017-17482
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...
CVE-2017-17482
An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and through V8.4-2L1 on IA64, and VAX/VMS 4.0 and later. A malformed DCL command table may result in a buffer overflow allowing a local privilege escalation when a non-privileged account enters a crafted command line. This bug is...
CVE-2017-17482
OpenVMS has a local privilege escalation vulnerability CVE-2017-17482 caused by a malformed DCL command table that can trigger a buffer overflow. Affected: OpenVMS on Alpha (V8.4-2L2) and IA64 (V8.4-2L1), and VAX/VMS 4.0 and later. Impact: local privilege escalation for non-privileged users; the ...
The invasion of Spy satellite system technologies-vulnerability warning-the black bar safety net
VAX: VAX stands for Virtual Address Extension. The VAX computer is due to hardware limitations, is designed to store the address, so that it can be a simple operation to some great adapted to store the program. The VAX computer system is the DEC (Digital Equipment Corporation) company design...
CVE-2008-3947
DCL (aka the CLI) in OpenVMS Alpha 8.3 allows local users to gain privileges via a long command line...
CVE-2008-3947
CVE-2008-3947 affects OpenVMS Alpha 8.3 (DCL). Local users can gain privileges via a long command line. CVSSv2 base score 7.2 (HIGH). No remediation or exploit details are provided in the connected documents.
CVE-2002-1037
CVE-2002-1037 describes a cross-site scripting vulnerability in Double Choco Latte (DCL) prior to 20020706. The issue allows remote attackers to inject arbitrary HTML, including script, into web pages via seven features: Ticket# Find, Priorities, Severities, Projects, WO# Find, Departments, and U...