PT-2019-11743 · Jenkins · Jenkins Configuration As Code Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Configuration as Code Plugin versions 1.24 and earlier Description: The issue concerns missing permission checks in various HTTP endpoints, allowing users with Overall/Read access to access the generated schema and documentation for t...

python36:3.6 security update

python-PyMySQL 0.8.0-10 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 python-docutils 0.14-12 - Bumping due to problems with modular RPM upgrade path 169558...

python27:2.7 security update

Cython 0.28.1-7 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 PyYAML 3.12-16 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 babel 2.5.1-9 - Bumping due to problems with modular RPM upgrade path 1695587 - Related:...

Fedora Update for python3-docs FEDORA-2019-9bfb4a3e4b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Read the Docs Open Redirect Vulnerability

Read the Docs is a document hosting system. The system is primarily used for creating, hosting and browsing documents. An open redirection vulnerability exists in versions of Read the Docs prior to 3.5.1 if certain user-defined redirects are used. This affects private instances of Read the Docs...

CVE-2017-9325

The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs...

CVE-2017-9325

The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on /update/json/docs...

CVE-2019-13175

Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...

CVE-2019-13175

Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...

Open redirect

Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...

CVE-2019-13175

Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...

CVE-2019-13175

Read the Docs before 3.5.1 has an Open Redirect vulnerability when certain user-defined redirects are used. This affects private instances in addition to public readthedocs.org sites. The provided documents do not specify a patch version or remediation steps; exploitation details are not describe...

CVE-2019-13175

Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...

Nextcloud: Code injection in macOS Desktop Client

Vulnerability description I've identified a code injection vulnerability in your macOS desktop client. Any malicious application, running with standard user permissions is able to exploit this vulnerability and execute code in your application's context. Requirements In order to exploit this...

[SECURITY] Fedora 29 Update: python3-3.7.3-3.fc29

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

keystone/fuzz_asm_x86_64: Bad-cast to llvm_ks::X86OperandX86AsmParser::MatchAndEmitATTInstruction in AsmParser::parseStatement

Detailed report: https://oss-fuzz.com/testcase?key=5121855985287168 Project: keystone Fuzzer: libFuzzerkeystonefuzzasmx8664 Fuzz target binary: fuzzasmx8664 Job Type: libfuzzerubsankeystone Platform Id: linux Crash Type: Bad-cast Crash Address: 0x00000210d120 Crash State: Bad-cast to...

[SECURITY] Fedora 30 Update: python3-3.7.2-8.fc30

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

openSUSE Security Update : java-11-openjdk (openSUSE-2019-818)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.1+13 Oracle October 2018 CPU Security fixes : - S8202936, CVE-2018-3183, bsc1112148: Improve script engine support - S8199226, CVE-2018-3169, bsc1112146: Improve field accesses - S8199177, CVE-2018-3149,...

CVE-2019-7250

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...

Cross site scripting

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...