what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

CVE-2019-11358

Status Candidate

Overview

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

Related Files

Red Hat Security Advisory 2020-5581-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5581-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2019-11358
MD5 | bd946b390d9987f8f45223214602819b
Red Hat Security Advisory 2020-4670-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4670-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include code execution, cross site scripting, denial of service, memory leak, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2018-20676, CVE-2018-20677, CVE-2019-11358, CVE-2019-8331, CVE-2020-11022, CVE-2020-1722
MD5 | a2c90d593b9c6e8811884b85e307573e
Red Hat Security Advisory 2020-4847-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4847-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include code execution, cross site scripting, denial of service, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2019-10146, CVE-2019-10179, CVE-2019-10221, CVE-2019-11358, CVE-2019-8331, CVE-2020-11022, CVE-2020-11023, CVE-2020-15720, CVE-2020-1721
MD5 | 7ecfb4bf539e1fbe2b8442201768bfc4
Red Hat Security Advisory 2020-4298-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4298-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2016-10739, CVE-2018-14404, CVE-2018-14498, CVE-2018-16890, CVE-2018-18074, CVE-2018-18624, CVE-2018-18751, CVE-2018-19519, CVE-2018-20060, CVE-2018-20337, CVE-2018-20483, CVE-2018-20657, CVE-2018-20852, CVE-2018-9251, CVE-2019-1010180, CVE-2019-1010204, CVE-2019-11070, CVE-2019-11236, CVE-2019-11324, CVE-2019-11358, CVE-2019-11459, CVE-2019-12447, CVE-2019-12448, CVE-2019-12449, CVE-2019-12450
MD5 | 299014ca30efa3c45bd95e89d230f844
Red Hat Security Advisory 2020-3936-01
Posted Sep 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3936-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include code execution, cross site scripting, denial of service, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2018-20676, CVE-2018-20677, CVE-2019-11358, CVE-2019-8331, CVE-2020-11022, CVE-2020-1722
MD5 | 648b9085f5b80447ba1137223a559f46
Red Hat Security Advisory 2020-2412-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2412-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-11254, CVE-2019-11358, CVE-2020-10749, CVE-2020-11022, CVE-2020-11023, CVE-2020-8558, CVE-2020-9283
MD5 | fb50c62e152a3bb91c8924226093206d
Red Hat Security Advisory 2020-1325-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1325-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2019-11358
MD5 | bc1fc951b7be9a1c46f0ace64b3d5824
OctoberCMS Insecure Dependencies
Posted Mar 15, 2020
Authored by John Martinelli from ISRD.com

OctoberCMS is a CMS similar to WordPress, but with much less "fluff". The SECURELI.com team identified the latest version of OctoberCMS relying on Bootstrap 3.3.7, jQuery 1.11.1, and jQuery 3.3.1. All of these dependencies are vulnerable.

tags | advisory
advisories | CVE-2015-9251, CVE-2018-14040, CVE-2018-14041, CVE-2018-14042, CVE-2019-11358, CVE-2019-8331
MD5 | afb9fc31af2a357980e16f943328dde1
Red Hat Security Advisory 2019-3024-01
Posted Oct 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3024-01 - The ovirt-web-ui package provides the web interface for Red Hat Virtualization. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-10744, CVE-2019-11358, CVE-2019-8331
MD5 | 34d270987353fef45ff226704c50a15d
Red Hat Security Advisory 2019-3023-01
Posted Oct 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3023-01 - The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2016-10735, CVE-2018-20676, CVE-2018-20677, CVE-2019-11358, CVE-2019-8331
MD5 | ead5ab3cdfaaa8cea7bbae101c52ab4a
Red Hat Security Advisory 2019-2587-01
Posted Sep 5, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2587-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, ruby
systems | linux, redhat
advisories | CVE-2018-10854, CVE-2019-11358
MD5 | 4a269facd1f167041fb41ba93b5c7c63
Debian Security Advisory 4460-1
Posted Jun 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4460-1 - Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures.

tags | advisory, denial of service, vulnerability, xss, info disclosure
systems | linux, debian
advisories | CVE-2019-11358, CVE-2019-12466, CVE-2019-12467, CVE-2019-12468, CVE-2019-12469, CVE-2019-12470, CVE-2019-12471, CVE-2019-12472, CVE-2019-12473, CVE-2019-12474
MD5 | 7c86f41444ebb88239c5b0b50bd85cc6
Red Hat Security Advisory 2019-1456-01
Posted Jun 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1456-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2016-10735, CVE-2018-14041, CVE-2018-20676, CVE-2018-20677, CVE-2019-10157, CVE-2019-11358, CVE-2019-3872, CVE-2019-3873, CVE-2019-3875, CVE-2019-3888, CVE-2019-8331
MD5 | 312072aa48b6ca353c869b99f8e578dd
RetireJS CORS Issue / Script Execution
Posted Jun 7, 2019
Authored by John Martinelli from ISRD.com

RetireJS was scanned with itself and found to contain multiple vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-6708, CVE-2015-9251, CVE-2019-11358
MD5 | 689e1b2b7dbde3aae28f1a321e53a0d6
dotCMS 5.1.1 Vulnerable Dependencies
Posted May 9, 2019
Authored by John Martinelli from ISRD.com

dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.

tags | advisory, vulnerability, xss
advisories | CVE-2008-7220, CVE-2015-9251, CVE-2018-14040, CVE-2018-14041, CVE-2019-11358
MD5 | 9e53ca2a35a92379f55b21ad389e087c
Debian Security Advisory 4434-1
Posted Apr 22, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4434-1 - A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2019-11358
MD5 | fad7ec5b9301e51a47961b29cb334625
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close