62 matches found
EUVD-2013-0703
Malware in sbrugna...
EUVD-2020-13880
Malware in sbrugna...
MAL-2025-12846 Malicious code in @zalastax/nolb-ose (npm)
The package @zalastax/nolb-ose was found to contain malicious code...
CVE-2020-21101
Cross Site Scripting vulnerability in Screenly screenly-ose all versions, including v1.8.2 2019-09-25-Screenly-OSE-lite.img, in the 'Add Asset' page via manipulation of a 'URL' field, which could let a remote malicious user execute arbitrary code...
CVE-2013-0692
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service...
CVE-2013-0693
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
CVE-2024-12698 Ose-olm-catalogd-container: incomplete fix for rapid reset (cve-2023-39325/cve-2023-44487)
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability CVE-2023-39325/CVE-2023-44487 where only unauthenticated streams were protected, not streams created by authenticated sources...
ose.directory Cross Site Scripting vulnerability OBB-3956385
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from go-git, Golang, GnuTLS, Libxml2, protobuf-c, JSON-java, Libmaxminddb, SQLite3 packages and cryptographic algorithms
Summary go-git, Golang, GnuTLS, Libxml2, protobuf-c, JSON-java, Libmaxminddb, SQLite3 are consumed through RedHat UBI, go-toolset and OSE packages. These packages are shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2023-47745 DESCRIPTIO...
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from shadow-utils, procps-ng, containerd, urllib3, nghttp2 and Golang
Summary Multiple issues were identified in Red Hat UBI packages, go-toolset and OSE are fixed and shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2023-25153 DESCRIPTION: containerd is vulnerable to a denial of service, caused by a memory...
FreeBSD : virtualbox-ose -- multiple vulnerabilities (bc90e894-264b-11ee-a468-80fa5b29d485)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bc90e894-264b-11ee-a468-80fa5b29d485 advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported...
Debian: Security Advisory (DLA-268-1)
The remote host is missing an update for the Debian...
ose-turistheim.no Cross Site Scripting vulnerability OBB-3143075
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Emerson OSE Improper Permissions, Privileges, and Access Controls (CVE-2013-0692)
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service. This plugin only work...
Emerson OSE Exposure of Sensitive Information to an Unauthorized Actor (CVE-2013-0693)
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers to obtain potentially sensitive informati...
Emerson OSE Credentials Management Errors (CVE-2013-0694)
The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier have hardcoded credentials in a ROM, which makes it easier for remote attackers to obtain shell access to the underlying OS by...
CVE-2020-35514
An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShif...
CVE-2020-21101
CVE-2020-21101 affects Screenly screenly-ose (all versions). The vulnerability is a Cross-Site Scripting/Code execution issue in the Add Asset page caused by improper handling of the URL field, allowing a remote attacker to run arbitrary code. Connected documents corroborate the issue across mult...