Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

CVE-2024-2878

Gitlab reports: ReDoS in branch search when using wildcards ReDoS in markdown render pipeline Redos on Discord integrations Redos on Google Chat Integration Denial of Service Attack via Pin Menu DoS by filtering tags and branches via the API MR approval via CSRF in SAML SSO Banned user from groups can read issues updates via the api Require confirmation before linking JWT identity View confidential issues title and description of any public project via export SSRF via Github importer

This Cyber News was published on www.tenable.com. Publication date: Fri, 10 May 2024 06:56:04 +0000

Cyber News related to CVE-2024-2878

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
11 months ago Feeds.dzone.com

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
1 year ago Tenable.com

CVE-2024-2878 - Gitlab reports: ...
1 year ago Tenable.com

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2009-2879 - Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS ...
8 years ago

CVE-2009-2876 - Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS ...
8 years ago

CVE-2009-2878 - Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS ...
8 years ago

CVE-2005-2878 - Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command. ...
8 years ago

CVE-2016-2878 - Multiple cross-site request forgery (CSRF) vulnerabilities in IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 allow remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. ...
8 years ago

CVE-2013-2878 - Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text. ...
7 years ago

CVE-2007-2878 - The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors. ...
7 years ago

CVE-2015-2878 - Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to ...
6 years ago

CVE-2010-2878 - DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary ...
1 year ago

CVE-2008-2878 - Open redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter. ...
6 years ago

CVE-2006-2878 - The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by preg_replace with ...
6 years ago

CVE-2012-2878 - Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. ...
6 years ago

CVE-2011-2878 - Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. ...
5 years ago

CVE-2018-2878 - Vulnerability in the PeopleSoft Enterprise HCM Shared Components component of Oracle PeopleSoft Products (subcomponent: Notepad). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with ...
5 years ago

CVE-2020-2878 - Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Mail). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to ...
5 years ago

CVE-2019-2878 - Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). The supported version that is affected is 8.8.3. Easily exploitable vulnerability allows unauthenticated ...
5 years ago

CVE-2017-2878 - An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting ...
3 years ago

CVE-2023-2878 - Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs. ...
1 year ago

CVE-2021-47183 - In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS ...
1 year ago Tenable.com

CVE-2025-2878 - A vulnerability was found in Kentico CMS up to 13.0.178. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /CMSInstall/install.aspx of the component Additional Database Installation Wizard. ...
5 months ago