7 matches found
Multiple RBAC issues in XAPI
ISSUE DESCRIPTION XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.htmlrbac-roles The pool-admin role is fully privileged. Notably, users with this role can als...
EUVD-2020-26586
Malware in sbrugna...
CVE-2020-5417
Cloud Foundry CAPI Cloud Controller, versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain which is true in the default CF Deployment manifest, were vulnerable to developers maliciously or accidentally claiming certain sensitive routes, potentially...
Design/Logic Flaw
Cloud Foundry CAPI Cloud Controller, versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain which is true in the default CF Deployment manifest, were vulnerable to developers maliciously or accidentally claiming certain sensitive routes, potentially...
CVE-2020-5417 Cloud Controller may allow developers to claim sensitive routes
Cloud Foundry CAPI Cloud Controller, versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain which is true in the default CF Deployment manifest, were vulnerable to developers maliciously or accidentally claiming certain sensitive routes, potentially...
CVE-2020-5417: Cloud Controller may allow developers to claim sensitive routes | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Description Cloud Foundry CAPI Cloud Controller, versions prior to 1.97.0, when used in a deployment where an app domain is also the system domain which is true in the default CF Deployment manifest, is vulnerable to developers maliciously or...
Adobe Reader < 11.0.3 / 10.1.7 / 9.5.5 Multiple Vulnerabilities (APSB13-15) (Mac OS X)
The version of Adobe Reader installed on the remote Mac OS X host is prior to 11.0.3, 10.1.7, or 9.5.5. It is, therefore, affected by the following vulnerabilities : - Unspecified memory corruption issues exist that allow an attacker to execute arbitrary code. CVE-2013-2718, CVE-2013-2719,...