
4026 matches found

OSV
added 2018/04/17 1:29 p.m. | 1 view

CVE-2017-18102

The wiki markup component of atlassian-renderer from version 8.0.0 before version 8.0.22 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in nested wiki markup...

CVSS 5.4 | AI score 5.4 | EPSS 0.00921
Exploits: 0 | References: 2
RedHat Linux
added 2018/04/11 5:45 p.m. | 3 views

sensu: Password exposure in warn level log when configured for multiple rabbitMQ connections

Sensu's redaction function fails to handle the redaction of sensitive data in deeply nested data structures, resulting in sensitive data, such as passwords, being logged in clear-text...

CVSS 9.8 | AI score 5.8 | EPSS 0.02442
Exploits: 0 | References: 5
NVD
added 2018/04/11 5:29 a.m. | 13 views

CVE-2018-10017

soundlib/Sndfx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops...

CVSS 6.5 | AI score 6.4 | EPSS 0.02155
Exploits: 0 | References: 3
Debian CVE
added 2018/04/11 5:00 a.m. | 20 views

CVE-2018-10017

soundlib/Sndfx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops...

CVSS 6.5 | AI score 7.3 | EPSS 0.02155
Exploits: 0
RedHat Linux
added 2018/04/10 3:23 p.m. | 4 views

Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register

Linux kernel built with the KVM virtualization support (CONFIG_KVM), with nested virtualization (nVMX) feature enabled (nested=1), is vulnerable to a crash due to disabled external interrupts, as an L2 guest could access (r/w) the hardware CR8 register of the host (L0). In a nested virtualization setup, L2 guest user...

CVSS 7.1 | AI score 7.2 | EPSS 0.00512
Exploits: 0 | References: 4
RedHat Linux
added 2018/04/10 9:01 a.m. | 4 views

Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register

Linux kernel built with the KVM virtualization support (CONFIG_KVM), with nested virtualization (nVMX) feature enabled (nested=1), is vulnerable to a crash due to disabled external interrupts, as an L2 guest could access (r/w) the hardware CR8 register of the host (L0). In a nested virtualization setup, L2 guest user...

CVSS 7.1 | AI score 7.2 | EPSS 0.00512
Exploits: 0 | References: 4
Atlassian
added 2018/04/10 4:25 a.m. | 576 views

XSS in various types of nested wiki markup - CVE-2017-18102

The wiki markup component of atlassian-renderer from version 8.0.0 before version 8.0.22 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in nested wiki markup...

CVSS 5.4 | AI score 4.1 | EPSS 0.00921
Exploits: 0 | Affected Software: 1
Atlassian
added 2018/04/10 3:55 a.m. | 576 views

XSS in various types of nested wiki markup - CVE-2017-18102

The bundled version of atlassian-renderer in Atlassian JIRA before version 7.7.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in nested wiki markup. For more information see https://jira.atlassian.com/browse/RNDR-153 currently...

CVSS 5.4 | AI score 3.7 | EPSS 0.00921
Exploits: 0 | Affected Software: 1
Oracle Linux
added 2018/04/05 12:00 a.m. | 43 views

kubernetes security update

1.9.1-2.1.5 - Production built 1.9.1-2.1.5 - Fix the upgrade version check - Remove w/a from Orabug 27125915 1.9.1-2.1.4.dev - Make sure worker node upgrade properly - Orabug 27649898 1.9.1-2.1.3.dev - Ensure that the runtime mounts RO volumes read-only CVE-2017-1002102 - Update Dashboard version...

CVSS 9.6 | AI score 7.6 | EPSS 0.11586
Exploits: 2
RedHat Linux
added 2018/03/28 7:04 p.m. | 4 views

sensu: Password exposure in warn level log when configured for multiple rabbitMQ connections

Sensu's redaction function fails to handle the redaction of sensitive data in deeply nested data structures, resulting in sensitive data, such as passwords, being logged in clear-text...

CVSS 9.8 | AI score 5.8 | EPSS 0.02442
Exploits: 0 | References: 5
Virtuozzo
added 2018/03/16 12:00 a.m. | 24 views

Product update: Virtuozzo 7.0 Update 7 (7.0.7-423)

The Update 7 for Virtuozzo 7.0 provides new features as well as stability and usability bug fixes. Vulnerability id: PSBM-79872 Enabling nested virtualization for VM could fail due to a bug in libvirt. Vulnerability id: PSBM-81107 Setting IP address to a VM without guest tools returned error even...

AI score 6.9
Exploits: 0
Veracode
added 2018/03/15 10:12 a.m. | 21 views

Remote Code Execution (RCE)

Eve is vulnerable to remote code execution (RCE) attacks. The library does not fully sanitize nested mongo queries, allowing a malicious user to inject and execute arbitrary code...

CVSS 9.8 | AI score 9.8 | EPSS 0.05215
Exploits: 0 | References: 3 | Affected Software: 1
VulnCheck KEV
added 2018/03/01 12:00 a.m. | 3 views

VulnCheck KEV: CVE-2014-7187

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deeply nested for loops, aka the "word_lineno" issue...

CVSS 10 | AI score 6.8 | EPSS 0.58462
Exploits: 12 | References: 1
Tenable Nessus
added 2018/02/06 12:00 a.m. | 15 views

openSUSE Security Update : translate-toolkit (openSUSE-2018-130)

This update for translate-toolkit to 2.2.4 fixes several issues. This security issue was fixed: - Prevent inclusion of external resources (XXE) (boo#1073535). These non-security issues were fixed: - Added support for nested and WebExtension JSON dialects. - po2txt no longer converts non-translatable...

AI score 5.4
Exploits: 0 | References: 1
Atlassian
added 2018/02/05 4:40 p.m. | 35 views

Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially

Summary: Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially. If you synchronize nested groups with upper case letters into Confluence from Crowd / LDAP, and then update the external directory to remove the child groups, the groups will no...

AI score 6.7
Exploits: 0 | Affected Software: 1
Atlassian
added 2018/02/05 4:40 p.m. | 26 views

Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially

Summary: Nested groups with uppercase letters cannot be removed from Confluence, after having been synced initially. If you synchronize nested groups with upper case letters into Confluence from Crowd / LDAP, and then update the external directory to remove the child groups, the groups will no...

AI score 2
Exploits: 0
OSV
added 2018/01/06 12:53 a.m. | 24 views

MGASA-2018-0062 kernel update provides 4.14 series and fixes security vulnerabilities

This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver (CVE-2017-0786). Use-after-free vulnerability in the snd_pcm_info function in the...

CVSS 8.8 | AI score 8.6 | EPSS 0.30052
Exploits: 32 | References: 18
Mageia
added 2018/01/06 12:53 a.m. | 79 views

kernel-tmb update provides 4.14 series and fixes security vulnerabilities

This kernel-tmb update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver (CVE-2017-0786). Use-after-free vulnerability in the snd_pcm_info function in...

CVSS 8.8 | AI score 4.1 | EPSS 0.30052
Exploits: 32 | References: 17
Mageia
added 2018/01/06 12:53 a.m. | 81 views

kernel-linus update provides 4.14 series and fixes security vulnerabilities

This kernel-linus update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver (CVE-2017-0786). Use-after-free vulnerability in the snd_pcm_info function i...

CVSS 8.8 | AI score 4 | EPSS 0.30052
Exploits: 32 | References: 16
Mageia
added 2018/01/06 12:53 a.m. | 87 views

kernel update provides 4.14 series and fixes security vulnerabilities

This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver (CVE-2017-0786). Use-after-free vulnerability in the snd_pcm_info function in the...

CVSS 8.8 | AI score 4.1 | EPSS 0.30052
Exploits: 32 | References: 17