Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
WiFi File Transfer v1.0.8 – Cross Site Scripting Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2322

Release Date:
=============
2022-10-17

Vulnerability Laboratory ID (VL-ID):
====================================
2322

Common Vulnerability Scoring System:
====================================
5.6

Vulnerability Class:
====================
Cross Site…

Read More

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Webile v1.0.1 – Directory Traversal Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2320

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2320

Common Vulnerability Scoring System:
====================================
7.3

Vulnerability Class:
====================
Directory- or…

Read More

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Stripe Green Downloads 2.03 – Cross Site Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2287

Release Date:
=============
2022-10-17

Vulnerability Laboratory ID (VL-ID):
====================================
2287

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================
Cross Site…

Read More

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Vicidial v2.14-783a – Multiple XSS Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2311

Release Date:
=============
2022-10-11

Vulnerability Laboratory ID (VL-ID):
====================================
2311

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================
Cross Site Scripting…

Read More

Posted by info () vulnerability-lab com on Oct 20

Document Title:
===============
Knap (APL) v3.1.3 – Persistent Cross Site Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2307

Release Date:
=============
2022-10-10

Vulnerability Laboratory ID (VL-ID):
====================================
2307

Common Vulnerability Scoring System:
====================================
5.7

Vulnerability Class:
====================
Cross Site…

Read More

Posted by Sven Anders on Oct 20

Hi,

we opened a bug at OpenStack, 3 month ago, but nobody takes care about it. Due
to the OpenStack guidlines the bug report is now public readable.

https://bugs.launchpad.net/horizon/+bug/1980349

I am not a security expert and do not know how bad this bug is, there is now
CVE and so on. Please be kind.

# Description of the bug

We use OpenStack horizon in the following version: `git+https://opendev.org/…

Read More

FEDORA-2022-2173709172

Packages in this update:

pypy3.7-7.3.9-4.3.7.fc36

Update description:

Backport fix for CVE-2021-28861

Read More

FEDORA-2022-01d5789c08

Packages in this update:

pypy3.7-7.3.9-4.3.7.fc35

Update description:

Backport fix for CVE-2021-28861

Read More

Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard that hosts the WiFi card on the device.

Read More

FEDORA-2022-aeafd24818

Packages in this update:

libxml2-2.10.3-1.fc36

Update description:

Update to 2.10.3

Fix CVE-2022-40303
Fix CVE-2022-40304

Read More