
7656 matches found

Prion
added 2020/11/17 1:15 a.m. | 15 views

Design/Logic Flaw

When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above...

CVSS 2.1 | AI score 4.4 | EPSS 0.00271
Exploits: 0 | References: 2 | Affected Software: 1
Exploit DB
added 2020/11/17 12:0 a.m. | 1152 views

SugarCRM 6.5.18 - Persistent Cross-Site Scripting

Exploit Title: SugarCRM 6.5.18 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-16 Vendor Homepage: https://www.sugarcrm.com Version: 6.5.18 Document Title: =============== SugarCRM v6.5.18 - Contacts Persistent Cross Site Web Vulnerability References Source:...

AI score 7.4
Exploits: 0
Exploit DB
added 2020/11/17 12:0 a.m. | 820 views

Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting

Exploit Title: Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-12 Vendor Homepage: https://froxlor.org/ Software Link: https://froxlor.org/download/ Version: 0.10.16 Document Title: =============== Froxlor v0.10.16 ...

AI score 7.4
Exploits: 0
CNNVD
added 2020/11/17 12:0 a.m. | 6 views

Grocy Household Management Cross-Site Scripting Vulnerability

Grocy Household Management Grocy is a web-based self-hosted grocery and household management solution for families by individual developers. The platform is an ERP system for households written in PHP. A cross-site scripting vulnerability exists in Grocy Household Management Solution version 2.7....

CVSS 5.4 | AI score 5.9 | EPSS 0.00731
Exploits: 2 | References: 2
Packet Storm
added 2020/11/16 12:0 a.m. | 847 views

WordPress Buddypress 6.2.0 Cross Site Scripting

Document Title: =============== Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2263 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID: ===================================...

AI score 7.4
Exploits: 0
Packet Storm
added 2020/11/16 12:0 a.m. | 770 views

Froxlor 0.10.16 Cross Site Scripting

Document Title: =============== Froxlor v0.10.16 CP - Customer Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2241 Release Date: ============= 2020-11-12 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 7.4
Exploits: 0
Packet Storm
added 2020/11/16 12:0 a.m. | 721 views

SugarCRM 6.5.18 Cross Site Scripting

Document Title: =============== SugarCRM v6.5.18 - Employees Persistent Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2257 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID:...

AI score 7.4
Exploits: 0
Packet Storm
added 2020/11/16 12:0 a.m. | 760 views

MailDepot 2033 2.3.3022 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2020-037 Product: MailDepot Manufacturer: REDDOXX GmbH Affected Versions: 2033 2.3.3022 Tested Versions: 2033 2.3.3022 Vulnerability Type: Persistent Cross-site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer...

AI score 6.4 | EPSS 0.01032
Exploits: 2
Vulnerability Lab
added 2020/11/16 12:0 a.m. | 48 views

SugarCRM v6.5.18 - Contacts Persistent XSS Vulnerability

Document Title: =============== SugarCRM v6.5.18 - Contacts Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2249 Release Date: ============= 2020-11-16 Vulnerability Laboratory ID VL-ID: ====================================...

Exploits: 0
Github Security Blog
added 2020/11/13 6:26 p.m. | 48 views

Persistent XSS in newsletter module in Shopware

Impact Persistent XSS in newsletter module Patches We recommend updating to the current version 5.6.9. You can get the update to 5.6.9 regularly via the Auto-Updater or directly via the download overview. For older versions you can use the Security Plugin:...

AI score 3.5
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2020/11/13 6:26 p.m. | 12 views

GHSA-HRFH-FP4X-CRRQ Persistent XSS in newsletter module in Shopware

Impact Persistent XSS in newsletter module Patches We recommend updating to the current version 5.6.9. You can get the update to 5.6.9 regularly via the Auto-Updater or directly via the download overview. For older versions you can use the Security Plugin:...

AI score 6.1
Exploits: 0 | References: 2
Vulnerability Lab
added 2020/11/13 12:0 a.m. | 54 views

Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability

Document Title: =============== Buddypress v6.2.0 WP Plugin - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2263 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID: ===================================...

AI score 0.1
Exploits: 0
Vulnerability Lab
added 2020/11/13 12:0 a.m. | 54 views

SugarCRM v6.5.18 - Employee Persistent XSS Vulnerability

Document Title: =============== SugarCRM v6.5.18 - Employee Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2257 Release Date: ============= 2020-11-13 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 7.4
Exploits: 0
Vulnerability Lab
added 2020/11/12 12:0 a.m. | 43 views

Froxlor v0.10.16 CP - (Customer) Persistent Vulnerability

Document Title: =============== Froxlor v0.10.16 CP - Customer Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2241 Release Date: ============= 2020-11-12 Vulnerability Laboratory ID VL-ID: ====================================...

AI score 0.2
Exploits: 0
Citrix
added 2020/11/09 12:0 a.m. | 7 views

Persistent CDF Tracing Enabler - For Citrix Windows Receiver

Persistent CDF Tracing Enabler - For Citrix Windows Receiver Created Date: July 2014 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the...

AI score 7.5
Exploits: 0
Citrix
added 2020/11/09 12:0 a.m. | 8 views

Citrix App Layering 2.x: Unidesk Appliance Move Utility

Introduction Moving a Unidesk Cachepoint CP from one datastore to another using standard VMware tools is problematic because the layers created by the CP are non-persistent independent disks. If these are moved with a storage vMotion, they will be transformed into normal disks attached to the CP...

AI score 6.8
Exploits: 0
Citrix
added 2020/11/09 12:0 a.m. | 6 views

Citrix App Layering: Desktop Processing Utility

Introduction This utility was developed to modify desktop certain settings outside of Unidesk. The script is capable of adding or removing vmx file entries, setting memory and CPU reservations as well as moving the desktops into a particular resource pool or vCenter folder. The utility is designe...

AI score 6.6
Exploits: 0
RedHat Linux
added 2020/11/04 2:10 a.m. | 64 views

Moderate: Red Hat Security Advisory: gnupg2 security, bug fix, and enhancement update

An update for gnupg2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 8.8 | AI score 6.7 | EPSS 0.02663
Exploits: 2 | References: 3
CNVD
added 2020/11/04 12:0 a.m. | 9 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Secure Boot Bypass Vulnerability

Cisco Firepower Threat Defense and Cisco Adaptive Security Appliance are both products of Cisco, Inc. Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a firewall and network security platform. Cisco...

CVSS 6.7 | AI score 7.1 | EPSS 0.00316
Exploits: 0 | References: 1
CNVD
added 2020/11/04 12:0 a.m. | 3 views

Apple iOS Authorization Vulnerability

Apple iOS is an operating system for mobile devices developed by Apple Inc. in the United States. A security vulnerability exists in Apple iOS versions prior to 12.1, which stems from the possibility that a local user may be able to read persistent device identifiers. No details of the...

CVSS 5.5 | AI score 6.1 | EPSS 0.00266
Exploits: 0 | References: 1