SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2020:0331-1)

This update for systemd fixes the following issues : CVE-2020-1712 bscbsc1162108 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentiall...

Design/Logic Flaw

A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server OES allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and...

CVE-2019-3490

A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server OES allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions OES2015SP1, OES2018, and...

CVE-2019-3490

CVE-2019-3490 describes a DOM-based XSS in the Netstorage component of Open Enterprise Server (OES). A remote attacker could execute JavaScript in a victim’s browser by enticing them to click a crafted link. Affected are OES2015SP1, OES2018, and OES2018SP1; older versions were not tested. The con...