19 matches found
EUVD-2021-16086
Malware in sbrugna...
EUVD-2023-58939
Malicious code in bioql PyPI...
CVE-2023-28877
The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...
CVE-2021-29483
ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' API leaked the value of private configuration variables set through the ManageWiki variable to all users. This has been patched by https://github.com/miraheze/ManageWiki/compare/99f3b2c8af18...befb83c66f5b.patch. If you are...
tripleo-ansible: bind keys are world readable
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...
CVE-2023-6725
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...
CVE-2023-6725
An access-control flaw was found in the OpenStack Designate component where private configuration information including access keys to BIND were improperly made world readable. A malicious attacker with access to any container could exploit this flaw to access sensitive information...
PT-2023-8846
Name of the Vulnerable Software and Affected Versions OpenStack Designate affected versions not specified Description An access-control flaw was found in the OpenStack Designate component where private configuration information, including access keys to BIND, were improperly made world readable. ...
CVE-2023-28877
The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...
CVE-2023-28877
The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to private configuration data. [email protected] is unaffected by this issue...
PT-2022-7401 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.3 Description: The issue concerns the exposure of private information defined in the setup of GLPI, such as smtp or cas hosts, to unauthorized individuals. This exposure can be exploited remotely, allowing attacker...
Discourse Information Disclosure Vulnerability (CNVD-2022-05504)
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features.Discourse is vulnerable to an information disclosure vulnerability that could be exploited by attackers to obtain private configuration files...
Discourse 信息泄露漏洞
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features.Discourse is vulnerable to an information disclosure vulnerability that could be exploited by attackers to obtain private configuration files...
Denial of Service Vulnerability in EKI-1521-CE Serial Port Server Private Configuration Protocol
The EKI-15121-CE is a serial device networking server that sends private configuration protocols to device ports. A denial of service vulnerability exists in EKI-1521-CE, which can be exploited by an attacker to launch a denial of service attack...
Code injection
ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' API leaked the value of private configuration variables set through the ManageWiki variable to all users. This has been patched by https://github.com/miraheze/ManageWiki/compare/99f3b2c8af18...befb83c66f5b.patch. If you are...
CVE-2021-29483
CVE-2021-29483 affects the ManageWiki extension for MediaWiki. The wikiconfig API leaked private configuration variable values to all users. The issue has been patched in the ManageWiki patch linked in the CVE and advisories; if patching isn’t possible, a workaround is to disable the wikiconfig A...
CVE-2021-29483
ManageWiki is an extension to the MediaWiki project. The ‘wikiconfig’ API leaked the value of private configuration variables set through the ManageWiki variable to all users. This has been patched by https://github.com/miraheze/ManageWiki/compare/99f3b2c8af18…befb83c66f5b.patch. If you are unabl...
MediaWiki 信息泄露漏洞
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. An information disclosure vulnerability exists in ManageWiki, which stems from the "wikiconfig" A...
MediaWiki SyntaxHighlight extension option injection vulnerability
This module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create & execute a PHP file in the document root. The USERNAME & PASSWORD options are only needed if the Wiki is configured as private. This vulnerability affects any MediaWiki...