5 matches found
SUSE CVE-2022-47021
A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 through 0.12 that allows attackers to cause denial of service or other unspecified impacts...
PT-2023-19588 · Jenkins · Jenkins Bitbucket Oauth Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Bitbucket OAuth Plugin versions 0.12 and earlier. Description: A cross-site request forgery (CSRF) issue allows attackers to trick users into logging in to the attacker's account. This can be achieved by exploiting the vulnerability in t...
Unspecified vulnerability in jupyterhub-kubespawner
jupyterhub-kubespawner is a package for spawning single-user notebook servers on Kubernetes clusters. A security vulnerability in versions of jupyterhub-kubespawner prior to 0.12 can be exploited by an attacker to access the default server of another user with the same username...
thrift: Endless loop when fed with specific input data
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when fed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...
tomcat: Multiple weaknesses in HTTP DIGEST authentication
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...