66 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel. The vulnerability originates from the fact that when the "kernel IBT no ENDBR" self-test is triggered in the x86/fred modul...
openSUSE: Security Advisory for binutils (SUSE-SU-2023:3825-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
shadow Security breach
shadow is a suite of tools for maintaining Debian systems. utils is a utility program by Fred Smith, a personal developer. A security vulnerability exists in shadow-utils that stems from an inability to clear the buffer used to store the first entry, which could allow an attacker with sufficient...
roots.fred-baltus.nl Cross Site Scripting vulnerability OBB-3450485
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
utils 安全漏洞
utils is a utility program by Fred Smith Personal Developer. A security vulnerability exists in versions of utils prior to 0.7.3 that stems from the presence of prototype contamination...
fredverophotography.com Cross Site Scripting vulnerability OBB-3142014
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
secure.fredhutch.org Cross Site Scripting vulnerability OBB-3137639
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Get to Know Fred House
Meet Fred House Senior Director, Product Detection and Research By Michael Alicea · July 12, 2022 At Trellix, we celebrate and champion our people. For a long time now, I’ve been looking forward to connecting with Fred House, a Senior Director at Trellix Threat Labs and a consummate and “driven”...
com.coherentlogic.fred.client:fred-client-webstart-application (>=0.9.11 <=1.0.9-RELEASE), com.nimbusds:common (>=1.70 <=1.74) +116 more potentially affected by CVE-2013-4112 via org.jgroups:jgroups (>=3.3.0.CR1 <=3.3.2.Final)
org.jgroups:jgroups MAVEN version =3.3.0.CR1, =0.9.11, =1.70, =1.0, =1.5.1, =1.1, =1.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.5.0, =2.5.0, =2.5.0, =2.5.0, =2.5.3 and more Source cves: CVE-2013-4112 Source advisory: OSV:GHSA-CC62-496P-HRR7...
com.coherentlogic.fred.client:fred-client-core (=0.9.3), com.coherentlogic.fred.client:fred-client-core-it (=0.9.3) +36 more potentially affected by CVE-2013-6235 via com.jamonapi:jamon (>=1.0 <=2.75)
com.jamonapi:jamon MAVEN version =1.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.1.4, =0.9.0, =0.9.1 and more Source cves: CVE-2013-6235 Source advisory: OSV:GHSA-QPR7-5M63-HQ2Chttps://vulners.com/osv/OSV:GHSA...
fred.mediagiants.ca Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1087337 Security Researcher haxmov Helped patch 708 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting fred.mediagiants.ca website a...
Design/Logic Flaw
Fred MODX Revolution 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is:...
CVE-2019-1010178
CVE-2019-1010178 affects MODX Revolution ≤ 1.0.0-beta4/β5 via the Fred add-on (assets/components/fred/web/elfinder/connector.php). The root cause is Incorrect Access Control (CWE-648), enabling Remote Code Execution. The attack vector involves uploading a PHP file or altering data in the database...
October 17, 2017 – Morning Cyber Coffee Headlines – “The Flintstones” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 17, 2017 - Headlines Carbon Black in the News: Dark Web Ransomware...
Running Fred - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Running Fred published at the 'play' market has multiple vulnerabilities...
Centrinity FirstClass 5.50/5.77/7.0/7.1 - HTTP Server Long Version Field Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8793/info A problem has been reported in the handling of overly long HTTP version string data by Centrinity FirstClass. Because of this, it may be possible for an attacker deny service to legitimate users of a vulnerable...
JQL not respecting Issue Security Level "Project Lead"
While writing TestIssueSecurityLevel I found the following problem: fred is not a Project Lead HSP-3 has Issue Security Level of "Project Lead" only. empty JQL to show all visible issues doesn't show HSP-3. make fred the Project Lead same query: still no HSP-3 however: fred can browse to HSP-3 an...
JQL not respecting Issue Security Level "Project Lead"
While writing TestIssueSecurityLevel I found the following problem: fred is not a Project Lead HSP-3 has Issue Security Level of "Project Lead" only. empty JQL to show all visible issues doesn't show HSP-3. make fred the Project Lead same query: still no HSP-3 however: fred can browse to HSP-3 an...
CVE-2008-5271
Cross-site scripting XSS vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...
Directory traversal
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the template parameter to 1 starnet/editors/fckeditor/studenteditor.php; 2 starnet/modules/snnews/editcontent.php, reached through...