DEBIAN-CVE-2011-1028

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smartyinternalcompileprivatespecialvariable.php file...

Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs

A data disclosure flaw was found in Ansible when using the Splunk and Sumologic modules, as they are not respecting when the flag nolog is enabled. This flaw can disclose and collect sensitive data from the system and expose it to an attacker...

Moderate: Red Hat Security Advisory: ansible security update

An update for Ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs

A data disclosure flaw was found in Ansible when using the Splunk and Sumologic modules, as they are not respecting when the flag nolog is enabled. This flaw can disclose and collect sensitive data from the system and expose it to an attacker...

WordPress download-plugins-dashboard plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress download-plugins-dashboard plugin. The...

Exploit for CVE-2018-2894

Ladon Scanner for Python !Authorhttps://img.shields.io/bad...

[SECURITY] Fedora 29 Update: limnoria-20191109-2.fc29

Supybot is a robust it doesn't crash, user friendly it's easy to configure and programmer friendly plugins are extremely easy to write Python IRC bot. It aims to be an adequate replacement for most existing IRC bots. It includes a very flexible and powerful ACL system for controlling access to...

CVE-2011-1133

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php...

CVE-2011-1133

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code via plugins/ExtendedFileManager/backend.php...

Moderate: Red Hat Security Advisory: yum security, bug fix, and enhancement update

An update for yum is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVE-2011-1135

Cross-Site Scripting XSS in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php...

alsa-plugins bug fix and enhancement update

An update is available for alsa-plugins. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

ALEA-2019:3361 gedit-plugins bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

gedit-plugins bug fix and enhancement update

An update is available for gedit-plugins. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...

CVE-2019-16908

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI...

ThreatIngestor - Extract And Aggregate Threat Intelligence

An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. Overview ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources,...

Information Disclosure

ansible is vulnerable to information disclosure. When Sumologic and Splunk callback plugins are used with a setting of nolog parameter set to true, it disrespects the setting, causing a leakage of tasks results events to collectors and discloses any sensitive data...

Multiple Jenkins Plugins Multiple Security Vulnerabilities

...

Design/Logic Flaw

The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js...

CVE-2015-9500

The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to assets/js/jquery.foundation.plugins.js...