Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer

Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive credential-stealing framework. The affected packages include - laravel-lang/lang laravel-lang/http-statuses...

CVE-2024-49503 Reflected XSS in Setup Wizard, Organization Credentials in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x8664/server:5.0.2.7.8.1: before...

CVE-2024-49503 Reflected XSS in Setup Wizard, Organization Credentials in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x8664/server:5.0.2.7.8.1: before...

CVE-2019-0032

A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization. Affected products are: Juniper...

SUSE SLES12 Security Update : smt, yast2-smt (SUSE-SU-2018:2898-2)

This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues : These security issues were fixed in SMT : CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read bsc1103809. CVE-2018-12470: SQL injection in...

SUSE-SU-2018:2902-2 Security update for yast2-smt

This update fixes the following issues in yast2-smt: - Explicitly mention 'Organization Credentials' fate321759 - Rearrange the SMT set-up dialog bsc977043 - Added missing translation marks bsc1037811 - Remove cron job rescheduling bsc1097560 This update is a requirement for the security update f...

SUSE-SU-2018:2902-1 Security update for yast2-smt

This update fixes the following issues in yast2-smt: - Explicitly mention 'Organization Credentials' fate321759 - Rearrange the SMT set-up dialog bsc977043 - Added missing translation marks bsc1037811 - Remove cron job rescheduling bsc1097560 This update is a requirement for the security update f...