6 matches found
Gitlab OmniAuth Static Passwords and stored XSS
Hello everyone! In this episode, let's take a look at the latest vulnerabilities in GitLab. On March 31, the Critical Security Release for GitLab Community Edition (CE) and Enterprise Edition (EE) was released. GitLab recommends that all installations running a version affected by the issues described...
Gitlab -- multiple vulnerabilities
GitLab reports: Static passwords inadvertently set during OmniAuth-based registration; Stored XSS in notes; Stored XSS on Multi-word milestone reference; Denial of service caused by a specially crafted RDoc file; GitLab Pages access tokens can be reused on multiple domains; GitLab Pages uses default...
Cisco Business 220 Series Smart Switches Trust Management Issue Vulnerability
Cisco Business 220 Series Smart Switches is a series of smart switches from Cisco, Inc. It is used to build reliable enterprise networks on a limited budget. A trust management issue vulnerability exists in the Cisco Business 220 Series Smart Switches firmware that stems from the use of static...
Cisco Unified CDM platform exposure of privileged accounts and static passwords - vulnerability warning - the black bar safety net
Cisco's Unified CDM (Communications Domain Manager) was revealed to contain default privileged accounts that cannot be modified and that use a static password; an attacker can use them to remotely attack and intrude into the platform. Vulnerability Cisco's Unified CDM is a Cisco hosted collaboration...
R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities
R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities February 7, 2011 -- Vulnerability Details: The Accellion File Transfer Appliance, prior to version FTA80562, suffers from a number of security flaws that can lead to a remote root compromise. 1. Message Routing Daemon Default...
Accellion File Transfer Appliance Multiple Vulnerabilities
R7-0039: Accellion File Transfer Appliance Multiple Vulnerabilities February 7, 2011 -- Vulnerability Details: The Accellion File Transfer Appliance, prior to version FTA80562, suffers from a number of security flaws that can lead to a remote root compromise. 1. Message Routing Daemon Default...