4 matches found
CVE-2021-37146
An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in roscomm via a crafted XMLRPC call...
MGASA-2019-0144 Updated koji packages fix security vulnerability
Multiple xmlrpc call handlers in Koji’s hub code contain SQL injection bugs. By passing carefully constructed arguments to these calls, an unauthenticated user can issue arbitrary SQL commands to Koji’s database. This gives the attacker broad ability to manipulate or destroy data CVE-2018-1002161...
Debian DSA-4234-1 : lava-server - security update
Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via a XMLRPC call. C Tenable Network...
[SECURITY] [DSA 4234-1] lava-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4234-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2018 https://www.debian.org/security/faq -...