8 matches found
Design/Logic Flaw
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors...
CVE-2011-4927
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors...
CVE-2011-4929
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors...
CVE-2011-4929
CVE-2011-4929 affects Redmine 0.9.x and 1.0.x prior to 1.0.5, via the bazaar repository adapter. The issue allows remote attackers to execute arbitrary commands by unspecified vectors. Public advisories (e.g., Debian DSA-2261-1) reiterate a remote command-execution vulnerability; OSV entries like...
CVE-2011-4927
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors...
CVE-2011-4929
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors...
DSA-2261-1 redmine - several
Bulletin has no description...
redmine -- multiple vulnerabilities
Jean-Philippe Lang reports: This release also fixes 3 security issues reported by joernchen of Phenoelit: logged in users may be able to access private data affected versions: 1.0.x persistent XSS vulnerability in textile formatter affected versions: all previous releases remote command execution...