jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

DEBIAN-CVE-2019-11470

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service uncontrolled resource consumption by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a...

ImageMagick Denial of Service Vulnerability (CNVD-2017-20999)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'ReadImage' function of the MagickCore/constitute.c file in ImageMagic...

The vulnerability of the web application for data synchronization with ownCloud allows a hacker to circumvent existing access restrictions and gain access to users’ files.

The vulnerability of the virtual file system of the web application for data synchronization with ownCloud is related to the lack of data validation during data retrieval. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions and gain access to user files b...

ipa security, bug fix, and enhancement update

4.1.0-18.0.1 - Replace login-screen-logo.png 20362818 - Drop subscription-manager requires for OL7 - Drop redhat-access-plugin-ipa requires for OL7 - Blank out header-logo.png product-name.png 4.1.0-18 - Fix ipa-pwd-extop global configuration caching 1187342 - group-detach does not add correct...