[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15192 Download | Alert*

Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

The host is installed with Atlassian Jira Server version 7.4.0 before version 8.4.0 and is prone to a cross site request forgery. A flaw is present in the application which fails to properly handle the Webwork action. Successful exploitation could allow attackers to to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.

Use of Cache Containing Sensitive Information in Atlassian Jira Server version 7.13.0 before version 8.4.0. A flaw is present in the application which fails to properly handle the AccessLogFilter class. Successful exploitation could allow attackers to learn details about other users, including their username.

The host is installed with Atlassian Jira Server version 7.12.0 before version 7.13.7, from version 8.0.0 before version 8.3.3 and is prone to a cross site scripting vulnerability. A flaw is present in the application which fails to properly handle the FilterPickerPopup.jspa resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.4.0 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/1.0/render resource. Successful exploitation could allow attackers to determine if an attachment with a specific name exists and if an issue key is valid.

The host is installed with Atlassian Jira Server version 7.13.0 before version 8.3.2 and is prone to a cross site request forgery vulnerability. A flaw is present in the application which fails to properly handle the ServiceExecutor resource. Successful exploitation could allow attackers to trigger the creation of export files.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.3.2 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/issueNav/1/issueTable resource. Successful exploitation could allow attackers to enumerate usernames.

The host is installed with Atlassian Jira Server version 7.13.0 before version 7.13.7, from version 8.0.0 before version 8.3.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle the worklog rest resources. Successful exploitation could allow attackers to view worklog time information.

The host is installed with Atlassian Jira Server version 7.7 before version 7.13.6, from version 8.0.0 before version 8.3.2 and is prone to a cross site scripting vulnerability. A flaw is present in the application which fails to properly handle the wikirenderer component. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript.


Pages:      Start    1008    1009    1010    1011    1012    1013    1014    1015    1016    1017    1018    1019    1020    1021    ..   1519

© SecPod Technologies