20 matches found
CVE-2019-20365
An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search page...
EUVD-2019-10918
Malware in sbrugna...
EUVD-2019-9240
Malware in sbrugna...
EUVD-2021-18480
Malware in sbrugna...
SUSE CVE-2025-27236
A regular Zabbix user can search other users in their user group via the Zabbix API by selecting fields the user does not have access to view. This allows data-mining some field values the user does not have access to...
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...
CVE-2021-34787
A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper...
PT-2021-4886 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the identity-based firewall (IDFW) rule processing featur...
Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliances Software (ASA Software) Security Vulnerability
Cisco Firepower Threat Defense (FTD) is a suite of unified software from Cisco that provides next-generation firewall services. A security vulnerability exists in Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliances Software (ASA Software) SSL/TLS Denial, which arises from an...
CVE-2019-15590
An access control issue exists in 12.3.5, 12.2.8, and 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration...
Design/Logic Flaw
An access control issue exists in 12.3.5, 12.2.8, and 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration...
CVE-2019-19629
In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferring a public project to a private group, private code would be disclosed via the Group Search API provided by the Elasticsearch integration...
CVE-2019-19629
CVE-2019-19629 affects GitLab Enterprise Edition (EE) versions 10.5 through 12.5.3, 12.4.5, and 12.3.8. The issue arises during transfer of a public project to a private group, where private code could be disclosed through the Group Search API provided by the Elasticsearch integration. Multiple s...
CVE-2019-19629
Removed by vendor...
GitLab: Group search with Elastic search enable leaks unrelated data
Summary: Performing a group search when Elastic Search is enabled provides access to unrelated merge requests, issues activity, leaking the existence of private groups, plus their activity and MRs. This happens both on the GUI and with the APIs. Steps to reproduce: Let's take this search on the Gitl...
GitLab: Group search leaks private MRs, code, commits
Summary: Using the group search you can access MRs and code set as "not public" in a project. Steps to reproduce: Create a public group, create a public project inside the group, but with private code. Push some code, search in the group search the code while logged out, you will find it also if it...
ntt.goo.ne.jp XSS vulnerability
Open Bug Bounty ID: OBB-642275. Affected Website: ntt.goo.ne.jp. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
RedHat Update for sssd RHSA-2013:0663-01
Check for the Version of sssd. OpenVAS Vulnerability Test: RedHat Update for sssd RHSA-2013:0663-01. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the terms o...
libipa_hbac, libsss_autofs, libsss_idmap, libsss_sudo, sssd security update
CentOS Errata and Security Advisory CESA-2013:0663 Updated sssd packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CV...
CVE-2011-5142
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tfdelegation, (2) tfip, or (3) tfname parameter in a search action to host/hostindex.php; (4) login parameter to...