Page 3 of 16 results (0.010 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-10854 – cloudforms: stored cross-site scripting in Name field

https://notcve.org/view.php?id=CVE-2018-10854

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field. La versión de Cloudforms, Cloudforms versión 5.8 y Cloudforms versión 5.9, son vulnerables a un ataque de tipo cross-site-scripting. Se encontró un fallo en la funcionalidad de eliminación de mapeo de infraestructura v2v de CloudForms. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10854 https://access.redhat.com/security/cve/CVE-2018-10854 https://bugzilla.redhat.com/show_bug.cgi?id=1590538 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-10159 – cfme: Improper authorization in migration log controller allows any user to access VM migration logs

https://notcve.org/view.php?id=CVE-2019-10159

cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. An attacker with access to an unprivileged user can access all VM migration logs available. cfme-gemset versión 5.10.4.3 y anteriores, versión 5.9.9.3 y anteriores son vulnerables a un filtrado de datos, debido a una autorización inapropiada en el controlador del registro de migración. Un atacante con acceso a un usuario sin privilegios puede ingresar a todos los registros de migración VM disponibles. A data leak vulnerability was found in cfme-gemset, in versions including and prior to 5.10.4.3 and versions including and prior to 5.9.9.3, due to an improper authorization in the migration log controller. An attacker with access to an unprivileged user account can access all VM migration logs available. • https://access.redhat.com/errata/RHSA-2019:2466 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10159 https://access.redhat.com/security/cve/CVE-2019-10159 https://bugzilla.redhat.com/show_bug.cgi?id=1718080 • CWE-285: Improper Authorization •

CVSS: 6.1EPSS: 2%CPEs: 218EXPL: 4

CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection

https://notcve.org/view.php?id=CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propiedad enumerable __proto__, podría extender el Object.prototype nativo. A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. • https://github.com/isacaya/CVE-2019-11358 https://github.com/ossf-cve-benchmark/CVE-2019-11358 https://github.com/Snorlyd/https-nj.gov---CVE-2019-11358 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html http://packetstormsecurity.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1

CVE-2019-5419 – rubygem-actionpack: denial of service vulnerability in Action View

https://notcve.org/view.php?id=CVE-2019-5419

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. Hay una posible vulnerabilidad de denegación de servicio (DoS) en la vista de acción en Rails, en versiones anteriores a las 5.2.2.1, 5.1.6.2, 5.0.7.2 y 4.2.11.1 donde las cabeceras de aceptación especialmente manipuladas pueden provocar que dicha vista consuma el 100 % de la CPU y haga que el servidor deje de responder. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html http://www.openwall.com/lists/oss-security/2019/03/22/1 https://access.redhat.com/errata/RHSA-2019:0796 https://access.redhat.com/errata/RHSA-2019:1147 https://access.redhat.com/errata/RHSA-2019:1149 https://access.redhat.com/errata/RHSA-2019:1289 https:/ • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.1EPSS: 97%CPEs: 10EXPL: 9

CVE-2019-5418 – Rails 5.2.1 - Arbitrary File Content Disclosure

https://notcve.org/view.php?id=CVE-2019-5418

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. Existe una vulnerabilidad de Divulgación del contenido del archivo en la Vista de acción versión anterior a .2.2.1, versión anterior a 1.6.2, versión anterior a 5.0.7.2, versión anterior a 4.2.11.1 y v3, donde los encabezados de aceptación especialmente diseñados pueden exponer el contenido de archivos arbitrarios en el sistema de archivos del sistema de destino. . A content disclosure flaw was found in rubygem-actionview. Specially crafted accept headers, in combination with calls to 'render file:', can cause arbitrary files on the target server to be rendered, disclosing the file contents. Code execution cannot be ruled out if the attacker is able to gain access to the proper files. • https://www.exploit-db.com/exploits/46585 https://github.com/mpgn/CVE-2019-5418 https://github.com/brompwnie/CVE-2019-5418-Scanner https://github.com/omarkurt/CVE-2019-5418 https://github.com/takeokunn/CVE-2019-5418 https://github.com/random-robbie/CVE-2019-5418 https://github.com/kailing0220/CVE-2019-5418 https://github.com/ztgrace/CVE-2019-5418-Rails3 http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00011.html http://packetstormsecurity.com/files/152178/Rai • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •