33 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2013-3496

Malware in sbrugna...

CVSS 7.8 · AI score 7.3 · EPSS 0.01522
Exploits: 0 · References: 26

RedhatCVE
added 2025/05/22 1:46 p.m. · 6 views

CVE-2014-9241

Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.8.x before 1.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to report.php, (2) signature parameter in a doeditsig action to usercp.php, or (3) title parameter in the...

CVSS 4.3 · AI score 6 · EPSS 0.01019
Exploits: 1 · References: 1

SUSE CVE
added 2023/02/15 4:48 a.m. · 1 view

SUSE CVE-2017-7234

A maliciously crafted URL to a Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 site using the django.views.static.serve view could redirect to any other domain, aka an open redirect vulnerability...

CVSS 6.1 · AI score 7.6 · EPSS 0.00258
Exploits: 1 · References: 6

OSV
added 2022/05/13 1:35 a.m. · 22 views

GHSA-2JQ6-FFPH-P4H8 Kubernetes arbitrary file overwrite

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...

CVSS 5.5 · AI score 5.7 · EPSS 0.0051
Exploits: 0 · References: 5

Github Security Blog
added 2022/05/13 1:35 a.m. · 18 views

Kubernetes arbitrary file overwrite

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...

CVSS 5.5 · AI score 6.8 · EPSS 0.0051
Exploits: 0 · References: 5 · Affected Software: 1

OSV
added 2022/05/02 3:57 a.m. · 5 views

GHSA-JJ23-FJ2V-M872 MoinMoin Improper Access Control vulnerability

MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603...

CVSS 8.7 · AI score 6.3 · EPSS 0.00681
Exploits: 0 · References: 10

OSV
added 2021/06/29 2:15 p.m. · 23 views

CVE-2021-34824

Istio 1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1 contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces...

CVSS 8.8 · AI score 7.1
Exploits: 0 · References: 2

Positive Technologies
added 2021/05/12 12:0 a.m. · 2 views

PT-2021-15388 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions 1.8.0 through 1.8.6; Argo CD versions 1.7.0 through 1.7.13. Description: The issue allows an attacker to cause secret data to leak into web UI error messages and logs due to exposure of system data to an unauthorized control...

CVSS 5.9 · AI score 7.2 · EPSS 0.00058
Exploits: 0 · References: 7

CNNVD
added 2020/11/18 12:0 a.m. · 3 views

Lemocms Code Issues Vulnerabilities

Lemocms is a backend administration site builder developed by the Lemocms Community and based on ThinkPhp. A security vulnerability exists in lemocms version 1.8.x. The vulnerability stems from allowing users to upload executable files in appadmincontrollersysUploads.php...

CVSS 7.5 · AI score 7.1 · EPSS 0.00282
Exploits: 1 · References: 2

Tenable Nessus
added 2020/01/14 12:0 a.m. · 35 views

VMware Harbor 1.7.x, 1.8.x < 1.8.6 / 1.9.x < 1.9.3

The version of VMware Harbor installed on the remote host is 1.7.x or 1.8.x prior to 1.8.6 or 1.9.x prior to 1.9.3. It is, therefore, affected by multiple vulnerabilities, including the following: - A privilege escalation vulnerability that allows an authenticated, normal user to gain administrative...

CVSS 8.8 · AI score 6.8 · EPSS 0.00423
Exploits: 0 · References: 10

Positive Technologies
added 2019/10/23 12:0 a.m. · 2 views

PT-2019-7486 · Pippin Williamson · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads (EDD) versions 1.8.x through 1.8.6; Easy Digital Downloads (EDD) versions 1.9.x through 1.9.9; Easy Digital Downloads (EDD) versions 2.0.x through 2.0.4; Easy Digital Downloads (EDD) versions 2.1.x through 2.1.10; Easy Digital...

CVSS 6.1 · AI score 5.6 · EPSS 0.00432
Exploits: 0 · References: 4

Positive Technologies
added 2019/10/23 12:0 a.m. · 3 views

PT-2019-7488 · Pippin Williamson · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads (EDD) versions 1.8.x through 1.8.6; Easy Digital Downloads (EDD) versions 1.9.x through 1.9.9; Easy Digital Downloads (EDD) versions 2.0.x through 2.0.4; Easy Digital Downloads (EDD) versions 2.1.x through 2.1.10; Easy Digital...

CVSS 6.1 · AI score 6.1 · EPSS 0.00472
Exploits: 0 · References: 4

CNVD
added 2019/09/25 12:0 a.m. · 2 views

Red Hat CoreOS Tectonic Cross-Site Scripting Vulnerability

Red Hat CoreOS Tectonic is an open source, automated enterprise Kubernetes platform from Red Hat. The platform is mainly used to automate the execution of operational tasks to achieve platform portability and multi-cluster management. A cross-site scripting vulnerability exists in Red Hat CoreOS...

CVSS 6.1 · AI score 6.5 · EPSS 0.00231
Exploits: 0 · References: 1

Tenable Nessus
added 2019/05/03 12:0 a.m. · 38 views

Kubernetes 1.3.x < 1.7.14 / 1.8.x < 1.8.9 / 1.9.x < 1.9.4 multiple vulnerabilities

The version of Kubernetes installed on the remote host is version 1.3.x prior to 1.7.14, 1.8.x prior to 1.8.9 or 1.9.x prior to 1.9.4. It is, therefore, affected by multiple vulnerabilities. - An arbitrary file access vulnerability exists in containers using subpath volume mounts. An authenticate...

CVSS 9.6 · AI score 7.5 · EPSS 0.33507
Exploits: 2 · References: 3

NVD
added 2018/06/02 1:29 a.m. · 14 views

CVE-2018-1002100

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...

CVSS 5.5 · AI score 5.3 · EPSS 0.0051
Exploits: 0 · References: 3

Prion
added 2018/06/02 1:29 a.m. · 14 views

Command injection

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...

CVSS 3.6 · AI score 5.5 · EPSS 0.0051
Exploits: 0 · References: 3 · Affected Software: 1

UbuntuCve
added 2018/06/02 1:29 a.m. · 19 views

CVE-2018-1002100

In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...

CVSS 5.5 · AI score 6.5 · EPSS 0.0051
Exploits: 0 · References: 3

OpenVAS
added 2017/11/08 12:0 a.m. · 28 views

Apache Subversion DoS Vulnerability (Nov 2017)

Apache Subversion is prone to a denial of service (DoS) vulnerability. Copyright (C) 2017 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...

CVSS 8.8 · AI score 8.6 · EPSS 0.00387
Exploits: 0 · References: 2

CNVD
added 2017/11/02 12:0 a.m. · 1 view

Apache Subversion 'libsvn_fs_fs/fs_fs.c' Denial of Service Vulnerability

Subversion is an open source multi-user version control system that supports non-ASCII text and binary data. A denial-of-service vulnerability exists in the libsvn_fs_fs/fs_fs.c file in version 1.8.x of Apache Subversion prior to 1.8.2, which can be exploited by an authenticated, remote attacker to...

CVSS 8.8 · AI score 8.7 · EPSS 0.00387
Exploits: 0 · References: 1

OSV
added 2015/07/14 5:59 p.m. · 1 view

PYSEC-2015-21

validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors...

CVSS 7.8 · AI score 6.8 · EPSS 0.00787
Exploits: 0 · References: 4