GHSA-82RV-45PC-V28W eZ Publish Legacy Patch EZSA-2018-001 for Several vulnerabilities

This security advisory fixes 4 separate vulnerabilities in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy by itself or via the LegacyBridge. First, it increases the randomness, and thus the security, of the pseudo-random bytes used to generate ...

AZL-42013 CVE-2024-32021 affecting package git for versions less than 2.39.4-1

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target reposito...

AZL-43042 CVE-2024-32021 affecting package git for versions less than 2.45.2-1

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target reposito...

DEBIAN-CVE-2024-32021

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target reposito...

CVE-2024-33004

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...

CVE-2024-28165

SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to manipulate a parameter in the Opendocument URL which could lead to high impact on Confidentiality and Integrity of the application...

PT-2024-25050 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Business Intelligence Platform affected versions not specified Description: The issue concerns insecure storage where dynamic web pages are cached even after a user logs out. This allows an attacker to potentially view...

SAP Business Objects Business Intelligence Platform 安全漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. SAP Business Objects Business Intelligence Platform suffers from a...

SAP Business Objects Business Intelligence Platform 跨站脚本漏洞

SAP Business Objects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics, and data visualization. A cross-site scripting vulnerability exists in SAP Business Objects...

PT-2024-3748 · Git +9 · Git +9

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4 Description: The issue is related to Git, a revision control system. When cloning a local source repository that contains symlinks via the filesystem, Git may...

PT-2024-22311 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Business Intelligence Platform affected versions not specified Description: The issue allows an attacker to perform a stored XSS attack by manipulating a parameter in the Opendocument URL, potentially leading to a high...

Remote Code Execution (RCE)

zodb3 is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of certain Zope Enterprise Objects ZEO database sharing, allowing remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol...

Authentication Bypass

Zope Object Database ZODB Authentication Bypass. The vulnerability is due to certain configurations of Zope Enterprise Objects ZEO database sharing, which can be exploited by remote attackers via vectors involving the ZEO network protocol...

CVE-2021-34967

Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2021-34967

Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2021-34966

Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2021-34962

Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2021-34961

Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2021-34962

Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2021-34965

Foxit PDF Editor Squiggly Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...