Lucene search
K

251 matches found

Tenable Nessus
Tenable Nessus
added 2016/02/24 12:0 a.m.22 views

openSUSE Security Update : obs-service-download_files / obs-service-extract_file / obs-service-recompress / etc (openSUSE-2016-247)

This update for a number of source services fixes the following issues : - boo967265: Various code/parameter injection issues could have allowed malicious service definition to execute commands or make changes to the user's file system The following source services are affected -...

5.7AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2016/02/20 1:11 p.m.24 views

Security update for obs-service-download_files, obs-service-extract_file, obs-service-recompress, obs-service-source_validator, obs-service-verify_file (important)

This update for a number of source services fixes the following issues: - boo967265: Various code/parameter injection issues could have allowed malicious service definition to execute commands or make changes to the user's file system The following source services are affected -...

4.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/08/15 2:42 p.m.12 views

lumiere.obs.coe.int XSS vulnerability

Vulnerable URL: http://lumiere.obs.coe.int/web/search/index.php?title=%22%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...

6.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/13 12:0 a.m.37 views

openSUSE Security Update : osc (openSUSE-2015-224)

osc was updated to fix a security issue and some non-security bugs. osc was updated to 0.151.0, fixing the following vulnerability : - fixed shell command injection via crafted service files CVE-2015-0778 boo901643 The following non-security bugs were fixed : - fix times when data comes from OBS...

7.5CVSS5.5AI score0.03608EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2015/03/12 9:5 p.m.26 views

Security update for osc (important)

osc was updated to fix a security issue and some non-security bugs. osc was updated to 0.151.0, fixing the following vulnerability: fixed shell command injection via crafted service files CVE-2015-0778 boo901643 The following non-security bugs were fixed: fix times when data comes from OBS backen...

7.5CVSS2AI score0.03608EPSS
Exploits0References1
Prion
Prion
added 2014/02/06 5:0 p.m.28 views

Code injection

osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted 1 build log or 2 build status that contains an escape sequence for a terminal emulator...

4.3CVSS8AI score0.01362EPSS
Exploits0References6Affected Software2
Debian CVE
Debian CVE
added 2014/02/06 4:0 p.m.45 views

CVE-2012-1095

osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted 1 build log or 2 build status that contains an escape sequence for a terminal emulator...

4.3CVSS7.2AI score0.01362EPSS
Exploits0
Prion
Prion
added 2011/04/10 2:51 a.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service OBS before 2.1.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00943EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2011/04/10 1:0 a.m.53 views

CVE-2011-0466

The CVE-2011-0466 affects SUSE openSUSE Build Service (OBS) versions 2.0.x before 2.0.8 and 2.1.x before 2.1.6. The issue allows attackers to bypass write-access restrictions and modify a (1) package or (2) project via unspecified vectors. Remediation per connected sources is to upgrade to the fi...

6.4CVSS6.7AI score0.0107EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2011/04/10 1:0 a.m.60 views

CVE-2011-0462

The CVE-2011-0462 entry covers multiple reflected XSS vulnerabilities in the login page of the SUSE/openSUSE Build Service (OBS) webui prior to version 2.1.6. Affected component: webui login page. Root cause details are not expanded beyond XSS in the provided documents, but the exploitation goal ...

4.3CVSS5.9AI score0.00943EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2011/04/10 1:0 a.m.26 views

CVE-2011-0466

The API in SUSE openSUSE Build Service OBS 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a 1 package or 2 project via unspecified vectors...

6.5AI score0.0107EPSS
Exploits0References1
Rows per page
Query Builder