obs-server before 1.7.7 allows logins by ‘unconfirmed’ accounts due to a bug in the REST API implementation.