OPENSUSE-SU-2022:0123-1 Security update for opera

This update for opera fixes the following issues: Update to 86.0.4363.23: - CHR-8843 Update chromium on desktop-stable-100-4363 to 100.0.4896.127 - DNA-98236 Turn on snap-text-selection on all streams - DNA-98507 DCHECK at addressbarcontroller.cc547 - DNA-98528 Suggestions for internal pages...

CVE-2022-22427

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223720...

CVE-2022-22443

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 224440...

CVE-2022-22322

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218370...

CVE-2021-38952

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 211408...

IBM InfoSphere Information Server 跨站脚本漏洞

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7, which can be...

CVE-2021-34601

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to the web-UI...

Security Bulletin: IBM InfoSphere Master Data Management is vulnerable to a Insecure JSF ViewState found in MDM User Interface (CVE-2016-9714)

Summary IBM InfoSphere Master Data Management is vulnerable to a Insecure JSF ViewState found in MDM Busines Admin User Interface which could allow an attacker to execute malicious and unauthorized actions. Vulnerability Details CVEID: CVE-2016-9714 DESCRIPTION: IBM InfoSphere Master Data...

CVE-2022-22427

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223720...

CVE-2022-2511

Cross-site Scripting XSS vulnerability in the "commonuserinterface" component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL...

IBM QRadar SIEM 跨站脚本漏洞

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. IBM QRadar SIEM...

CVE-2022-22345

IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 220041...

Fedora: Security Advisory for podman-tui (FEDORA-2022-932d07be95)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: podman-tui-0.2.1-1.fc35

podman-tui is a terminal user interface for Podman v3 =3D 3.1. it is using podman.socket service to communicate with podman machine...

Cross site scripting

A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the...

CVE-2022-20778 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the...

CVE-2022-22435

IBM Maximo Asset Management 7.6.1.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

DEBIAN-CVE-2022-29536

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephystringshorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered...

Code injection

Authorized users may install a maliciously modified package file when updating the device via the web user interface. The user may inadvertently use a package file obtained from an unauthorized source or a file that was compromised between download and deployment...

Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the...