CVE-2020-26412

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2...

Design/Logic Flaw

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2...

Denial of service

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

CVE-2020-26412

CVE-2020-26412 affects GitLab Enterprise Edition (EE) versions 13.2 up to, but not including, 13.6.2, where removed group members could use To-Do to retrieve updated information on confidential epics. The root cause is an information-disclosure path via To-Do access by deleted-group members. The ...

CVE-2020-29651

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

OpenCart 3.0.3.6 - Cross Site Request Forgery

Exploit Title: OpenCart 3.0.3.6 - Cross Site Request Forgery Date: 12-11-2020 Exploit Author: Mahendra Purbia Mah3Sec Vendor Homepage: https://www.opencart.com Software Link: https://www.opencart.com/index.php?route=cms/download Version: OpenCart CMS - 3.0.3.6 Tested on: Kali Linux Description:...

CVE-2020-23520

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...

CVE-2020-23520

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...

Remote code execution

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...

CVE-2020-23520

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...

CVE-2020-29651

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

CVE-2020-29651

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

PYSEC-2020-92

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

Input validation

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

CVE-2020-29651

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

PYSEC-2020-92

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

CVE-2020-29651

A denial of service via regular expression in the py.path.svnwc component of py aka python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3053-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.4.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-46 bsc1177872, bsc1176756 - CVE-2020-15969 Use-after-free in usersctp - CVE-2020-15683 Memory safety bugs fixed in Firefo...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3021-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.4.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-46 bsc1177872, bsc1176756 - CVE-2020-15969 Use-after-free in usersctp - CVE-2020-15683 Memory safety bugs fixed in Firefo...

Service Update 0.23 for Microsoft Dynamics 365 9.0

Service Update 0.23 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.23 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.23. MORE INFORMATION Update package| Version number ---|---...