14 matches found
OPENSUSE-SU-2026:20361-1 Security update for osc, obs-scm-bridge
This update for osc, obs-scm-bridge fixes the following issues: Changes in osc: - 1.24.0 - Command-line: - Add '--target-owner' option to 'git-obs repo fork' command - Add '--self' parameter to fix 'no matching parent repo' error message in 'git-obs pr create' - Fix 'osc aggregatepac' for scmsync...
EUVD-2020-21265
Malware in sbrugna...
EUVD-2021-33031
Malicious code in bioql PyPI...
CVE-2021-24196
The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘tokenerror’ parameter can be controlled by users and it is directly echoed without being sanitized...
Error: "SR BACKEND FAILURE 181" in XenServer
After installation or upgrade to XenServer 6.0, user experiences issues with any storage related operations. The following error message appears: “SRBACKENDFAILURE181 Error In metadata Volume Operation For SR.” The following entries appears in the log /var/log/SMlog file: Error code:...
OSV-2022-987 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51941 Crash type: Security exception Crash state: com.codeintelligence.jazzer.sanitizers.RegexInjection.hookInternal com.codeintelligence.jazzer.sanitizers.RegexInjection.stringHook...
PT-2022-15475 · Ibm · Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 4.4.1 through 5.0.0 Description: The issue allows unauthorized access due to an incorrectly computed security token. Recommendations: For versions 4.4.1 and 5.0.0, update to a version that correctly computes the...
Passport-Oauth2 安全漏洞
Passport-Oauth2 is an authentication policy. A security vulnerability exists in Passport-Oauth2 versions prior to 1.6.1, which stems from the fact that the passport-oauth2 package prior to Node.js 1.6.1 incorrectly handles an error condition that fails to obtain an access token. This is exploitab...
PT-2021-23346 · Unknown · Passport-Oauth2
Name of the Vulnerable Software and Affected Versions: passport-oauth2 versions prior to 1.6.1 Description: The issue concerns the mishandling of the error condition when failing to obtain an access token in certain use cases. Specifically, it is exploitable when an OAuth identity provider uses a...
Unauthenticated users can inject messages into the XSRF token error page
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to display arbitrary messages in the application via an injection vulnerability in the XSRF token error page. The affected versions are before version 8.5.14, and from version 8.6.0 before 8.12.1. ...
CVE-2021-24196
The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘tokenerror’ parameter can be controlled by users and it is directly echoed without being sanitized...
WEM Agent not launching - Error while retrieving user token groups list
Event ID: 0 event viewer error Log Name: Norskale Agent Service Source: Norskale Agent Service Description: Error while retrieving user token groups list...
FreeBSD : redmine -- information leak vulnerability (49def4b7-9ed6-11e5-8f5c-002590263bf5)
Redmine reports : Potential data leak project names in the invalid form authenticity token error screen. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine...
redmine -- information leak vulnerability
Redmine reports: Potential data leak project names in the invalid form authenticity token error screen...