183 matches found
CVE-2018-16051
Affected product: GitLab Community and Enterprise Edition prior to 11.0.6, 11.1.x prior to 11.1.5, and 11.2.x prior to 11.2.2. Issue: Orphaned Upload Files Exposure. Root cause: exposure of orphaned uploaded files. Impact: potential exposure of uploaded file data. Remediation: upgrade to fixed re...
CVE-2018-16051
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure...
CVE-2018-16051
Removed by vendor...
Gitlab -- multiple vulnerabilities
Gitlab reports: Persistent XSS in Pipeline Tooltip GitLab.com GCP Endpoints Exposure Persistent XSS in Merge Request Changes View Sensitive Data Disclosure in Sidekiq Logs Missing CSRF in System Hooks Orphaned Upload Files Exposure Missing Authorization Control API Repository Storage...
FreeBSD : phpbb3 -- multiple issues (8e89a89a-fd15-11e7-bdf6-00e04c1ea73d)
phpbb developers reports : Password updater working with PostgreSQL - The cron for updating legacy password hashes was running invalid queries on PostgreSQL. Deleting orphaned attachments w/ large number of orphaned attachments - Orphaned attachment deletion was improved to be able to delete them...
phpbb3 -- multiple issues
phpbb developers reports: Password updater working with PostgreSQL - The cron for updating legacy password hashes was running invalid queries on PostgreSQL. Deleting orphaned attachments w/ large number of orphaned attachments - Orphaned attachment deletion was improved to be able to delete them...
Orphaned Snapshot Alarm - Change Suppression Settings
Challenge Correct over frequent triggering of Snapshot alarm Cause Depending on environment and when data is pulled alarm can trigger at non specified interval. Solution Within Monitor, go to the Alarm Management tab, and locate the 'Orphaned VM Backup Snapshot' alarm I just search 'orphaned in t...
Update Rollup 7 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 7 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2012 R2 Virtual Machine Manager VMM. There are three updates available for System Center 2012 R2 VMM. One update for...
The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean
Recently, I found that Digital Ocean suffered from a security vulnerability in their domain import system which allowed for the takeover of 20K domain names. If you haven't given that post a read I recommend doing so before going through this write up. Originally I had assumed that this issue was...
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016
MS16-088: Description of the security update for SharePoint Server 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
SUSE-SU-2015:2220-1 Security update for openstack-nova and openstack-neutron
This update for openstack-nova and openstack-neutron provides various fixes and improvements. openstack-nova: - Fix instance filtering. bsc927625 - Remove error messages from multipath command output before parsing. bsc949529 - Fix live-migration usage of the wrong connector information. - Added...
SUSE-SU-2015:2219-1 Security update for openstack-nova
This update for openstack-nova provides various fixes and improvements: - Fix regression where launched instances in tenants not visible for other users. bsc927625 - Remove error messages from multipath command output before parsing. bsc949529 - Fix live-migration usage of the wrong connector...
VDDK error: 13 - Troubleshooting
Challenge Backup/Replication jobs fail with: VDDK error: 13.You do not have access rights to this file Solution Below is a list of possible solutions to this issue sorted by what transport mode was being used when this error occurred. Note: There are many causes for VDDK 13; this list is not...
Veeam Backup Temporary Snapshot
Challenge A snapshot named VEEAM BACKUP TEMPORARY SNAPSHOT is found on a VMware Virtual Machine. Cause As detailed in the Veeam Backup & Replication User Guide, a snapshot is created on a VM that is being processed by a Veeam job. This creation of this snapshot causes the VM's base disks to be in...
Removing Stuck VMDK From the Veeam Proxy
Challenge A virtual machine VM processed with Veeam Backup & Replication VBR has a warning that consolidation is required, but consolidation attempts fail. or A VM that VBR processed is found to have one or more orphaned snapshots a snapshot that is attached to the VM but does not show up in the...
CVE-2012-2326
Cross-site scripting XSS vulnerability in the Admin Control Panel ACP in MyBB aka MyBulletinBoard before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...
Low: Red Hat Security Advisory: vixie-cron security, bug fix, and enhancement update
An updated vixie-cron package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
CVE-2010-0425
modules/arch/win32/modisapi.c in modisapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapiunload for an ISAPI .dll module, which allows remote attackers ...
Design/Logic Flaw
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service TCP outage via a series of TCP sessions that have pending data and a 1 small or 2 zero receive window size, and remain in the...
CVE-2009-1926
Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service TCP outage via a series of TCP sessions that have pending data and a 1 small or 2 zero receive window size, and remain in the...