Open-Xchange App Suite Security Vulnerability

Open-Xchange App Suite is an email and productivity suite client software from Open-Xchange Germany. A security vulnerability exists in Open-Xchange App Suite that stems from a user ID reference not properly cleaned up as mentioned in the documentation notes, where script code could be injected...

kernel: x86/speculation: Fill RSB on vmexit for IBRS

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

GHSA-RWXP-HWWF-653V Insecure template handling in express-hbs

express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability...

CVE-2021-32817 File disclosure in express-hbs

express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability...