[FD] secuvera-SA-2024-02: Multiple Persistent Cross-Site Scritping (XSS) flaws in Drupal-Wiki

ion of the SA for 2024/04/14 2024/04/14 postponed public release as assign request of cve was not answered yet. 2024/05/06 CVE was assigned. Public release. Credits: Simon Bieber sbie...@secuvera.de secuvera GmbH https://www.secuvera.de Disclaimer: All information is provided

[FD] secuvera-SA-2021-01: Privilege Escalation in NetSetMan Pro 4.7.2

21/06/02 verified vendor suggested fix using version 5.0.6; updated advisory and contacted vendor again; vendor suggested edits 2021/06/09 updated advisory and requested CVE identifier 2021/06/10 public disclosure Credits: Simon Bieber sbie...@secuvera.de sec

[FD] secuvera-SA-2016-01: Multiple authentication weaknesses in Arvato Systems Streamworks Job Scheduler

t within release 9.3 (shipped on 2nd quarter 2018) the issues will be fixed Final disclosure timeline: 2019/01/14 after a sufficient grace period to customers to install the fixed release 2019/01/14 public advisory disclosure Credits Simon Bieber, secuvera

[FD] secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application

per replied proposing fix 2018/03/28 Developer contacted us to announce the upcoming release 2018/04/05 OCS Version 2.4.1 was released 2018/08/09 Release of the security advisory Credits Simon Bieber, secuvera GmbH sbie...@secuvera.de https://www.secuvera.de Thanks to: Mi

[FD] secuvera-SA-2017-03: Reflected Cross-Site-Scripting Vulnerabilities in OCS Inventory NG ocsreports Web application

ng fix 2018/03/28 Developer contacted us to announce the upcoming release 2018/04/05 OCS Version 2.4.1 with fix was released 2018/08/10 Release of the security advisory Credits Simon Bieber, secuvera GmbH sbie...@secuvera.de https://www.secuvera.de Thanks to: Michael He