Rundeck Security Breach

Rundeck is an open source automation service with a web console, command line tools, and WebAPI from Rundeck Inc. in the United States, which is primarily used to run automation tasks. A security vulnerability exists in Rundeck versions 4.17.0 through 4.17.2, which stems from the fact that the jo...

Code injection

XWiki Platform is a generic wiki platform. Starting in versions 2.2-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, it's possible to execute javascript with the right of any user by leading him to a special URL on the wiki targeting a page which contains an attachment. This has...

CVE-2020-25239

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0. The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with...

CVE-2020-25239

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0. The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with...

CVE-2020-25239

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0. The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with...

CVE-2020-17520

In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's admin, permission verification mechanism by constructing special URLs, thereby accessing any HTTP API...

CVE-2020-17520

In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's admin, permission verification mechanism by constructing special URLs, thereby accessing any HTTP API...