14 matches found
CVE-2024-28233
JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...
BIT-JUPYTERHUB-2024-41942 JupyterHub has a privilege escalation vulnerability with the `admin:users` scope
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the admin:users scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that...
CVE-2024-28233
JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...
CVE-2024-28233 XSS in JupyterHub via Self-XSS leveraged by Cookie Tossing
JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...
BIT-JUPYTERHUB-2021-41247 incomplete logout in JupyterHub
JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the single-user server, as fresh credentials for the single-user server only, not the Hub reinstated...
CVE-2021-41247
JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the single-user server, as fresh credentials for the single-user server only, not the Hub reinstated...
PYSEC-2021-386
JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the single-user server, as fresh credentials for the single-user server only, not the Hub reinstated...
CVE-2021-41247
CVE-2021-41247 affects JupyterHub, where users with multiple JupyterLab tabs in a single browser session may experience incomplete logout from the single-user server, as fresh credentials are reinstated if another active JupyterLab session remains open during logout. The issue is mitigated by upg...
CVE-2021-41247
JupyterHub is an open source multi-user server for Jupyter notebooks. In affected versions users who have multiple JupyterLab tabs open in the same browser session, may see incomplete logout from the single-user server, as fresh credentials for the single-user server only, not the Hub reinstated...
MySQL: Multiple vulnerabilities
Background MySQL is a popular multi-threaded, multi-user SQL server. Description Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly execute arbitrary code with the privileges of the process,...
CentOS 7 : mariadb (CESA-2017:2192)
An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CentOS Update for mysql CESA-2010:0109 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Moderate: Red Hat Security Advisory: mysql security and bug fix update
Updated mysql packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of...
DoS in GoodTech Telnet Server 4.0.103
Donato Ferrante Application: GoodTech Systems Telnet Server for Windows NT/2000/XP http://www.goodtechsys.com/ Version: 4.0.103 Bug: Denial of Service Author: Donato Ferrante e-mail: [email protected] web: www.autistici.org/fdonato...