9 matches found
ROS-2-1404
2.1404 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
GHSA-XXMQ-4VPH-956W Comrak vulnerable to production of excessive output when parsing Markdown (GHSL-2023-048)
Impact comrak is vulnerable to the upstream cmark issue, "Issue revealed by fuzzer". A large number of references in a markdown document can trigger an overly large response. Patches 0.17.0 contains https://github.com/kivikakk/comrak/commit/70f97f3ea4eae30ffbd1b94c764a3de2f1c41d2a, which limits...
Comrak vulnerable to production of excessive output when parsing Markdown (GHSL-2023-048)
Impact comrak is vulnerable to the upstream cmark issue, "Issue revealed by fuzzer". A large number of references in a markdown document can trigger an overly large response. Patches 0.17.0 contains https://github.com/kivikakk/comrak/commit/70f97f3ea4eae30ffbd1b94c764a3de2f1c41d2a, which limits...
Aruba Networks Virtual Intranet Access Information Disclosure Vulnerability
Aruba Networks Virtual Intranet Access is a virtual Intranet access agent from Aruba Networks, Inc. It provides an automatic secure connection for laptops. An information disclosure vulnerability exists in Aruba Networks Virtual Intranet Access version 4.3.0, which stems from the application...
SAP Business One Information Disclosure Vulnerability (CNVD-2022-56961)
SAP Business One is a product of SAP, a German company. SAP Business One is a set of enterprise management software. The software includes functions such as financial management, operations management and human resource management. SAP Business One has an information disclosure vulnerability that...
ROS-2-545
2.545 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
ROS-2-498
2.498 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...
MediaWiki Information Disclosure Vulnerability
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from an information disclosure vulnerability that results from the program...
SUSE SLES12 Security Update : openssh (SUSE-SU-2020:3844-1)
This update for openssh fixes the following issues : CVE-2020-14145: Fixed an observable discrepancy leading to an information leak in the algorithm negotiation bsc1173513. Fixed an issue where AuthorizedKeysCommand produced a lot of output bsc1161684. Fixed an issue where oracle cluster with...