Alerts

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions...

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript...

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized...

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This...

Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache (for example, the cache may have a...

Discourse is an open source platform for community discussion. PM titles and metadata can be read by other users when the "PM tags allowed for groups" option is enabled, the other user is a member...

Discourse is an open source platform for community discussion. An attacker can execute arbitrary JavaScript on users' browsers by posting a maliciously crafted onebox url. This issue only...

Discourse is an open source platform for community discussion. In affected versions an attacker can trick a target user to make changes to their own username via carefully crafted link using the...

Discourse is an open source platform for community discussion. In affected versions an attacker can execute arbitrary JavaScript on users' browsers by posting a malicious video placeholder...