8275 matches found
Updated kauth packages fix security vulnerability
KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugins...
kf5-kauth -- Insecure handling of arguments in helpers
Albert Astals Cid reports: KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugin...
Process Hacker - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. System requirements Windows 7 or higher, 32-bit or 64-bit. Features A detailed overview of system activity with highlighting. Graphs and statistics allow you quickly to track down...
CVE-2019-1003013
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java,...
CVE-2019-1003012
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js,...
The vulnerability of the Ansible configuration management system lies in the lack of control over the path used to locate the configuration file ansible.cfg, which allows a attacker to execute arbitrary code.
The vulnerability of the Ansible configuration management system lies in the reading of the ansible.cfg file from the working directory. This file’s location can be altered, allowing the attacker to point it to a plugin or module that is under their control. Exploiting this vulnerability could...
CVE-2019-1003012
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js,...
Design/Logic Flaw
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js,...
Cross site scripting
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java,...
CVE-2019-1003013
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java,...
CVE-2019-1003013
An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java,...
CVE-2019-1003012
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js,...
CVE-2019-1003012
Summary: A data modification vulnerability in Jenkins Blue Ocean Plugin (versions 1.10.1 and earlier) allows bypassing all CSRF protections in the Blue Ocean API. Affected components (as cited): blueocean-core-js bundleStartup.js; fetch.ts; i18n.js; urlconfig.js; blueocean-rest/APICrumbExclusion....
CVE-2019-1003013
The CVE-2019-1003013 entry describes a cross-site scripting vulnerability in Jenkins Blue Ocean Plugin versions 1.10.1 and earlier. The flaw arises from insecure handling in specific Blue Ocean files (Export.java, ExportConfig.java, JSONDataWriter.java) and related components (UserStatePreloader....
Papoo CMS PKalender 3.5 Database Disclosure
Exploit Title : Papoo CMS PKalender Plugins 3.5 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/01/2019 Vendor Homepage : papoo.de Software Download Links : + papoo.de/index.php?menuid=169&downloadid=352&reporeid=349 +...
SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2019:0119-1)
This update for mariadb to version 10.2.19 fixes the following issues: bsc1116686 Security issues fixed : CVE-2016-9843: Big-endian out-of-bounds pointer bsc1013882 CVE-2018-3282, CVE-2018-3174, CVE-2018-3143, CVE-2018-3156, CVE-2018-3251, CVE-2018-3185, CVE-2018-3277, CVE-2018-3162, CVE-2018-317...
WPintel - Chrome Extension Designed For WordPress Vulnerability Scanning And Information Gathering
WordPress Vulnerability Scanner - Scan for vulnerabilities, version, themes, plugins and much more! WPintel allows you to scan self hosted WordPress sites. With WPintel you can detect the following: Version Version vulnerabilities Plugins Themes Users and much more! Although WPintel is designed f...
Arbitrary Code Execution
github.com/golang/go is vulnerable to arbitrary code execution attacks. The application does not filter the compiler flag variables -fplugin= and -plugin= when the go get command is run, allowing a malicious user to inject and execute arbitrary code by loading compiler plugins...
Denial Of Service (DoS)
libkrb5.so is vulnerable to denial of service DoS attacks. The vulnerability exists in the krb5encodekrbsecretkey function of plugins/kdb/ldap/libkdbldap/ldapprincipal2.c where authenticated users can cause DoS attacks through a series of cpw -keepold commands...
Authorization Bypass
nspluginwrapper is vulnerable to authorization bypass attacks. The vulnerability exists as nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and...