5838 matches found

Zero Day Initiative
added 2022/01/31 12:0 a.m., 41 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 2.6 | EPSS 0.01572
Exploits 0 | References 1
Zero Day Initiative
added 2022/01/31 12:0 a.m., 40 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 2.6 | EPSS 0.01591
Exploits 0 | References 1
Zero Day Initiative
added 2022/01/31 12:0 a.m., 49 views

Bentley MicroStation CONNECT FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 2.6 | EPSS 0.0151
Exploits 0 | References 1
Zero Day Initiative
added 2022/01/31 12:0 a.m., 37 views

Bentley View DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVSS 3.3 | AI score 2.7 | EPSS 0.01491
Exploits 0 | References 1
Zero Day Initiative
added 2022/01/31 12:0 a.m., 37 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 2.5 | EPSS 0.0154
Exploits 0 | References 1
Zero Day Initiative
added 2022/01/31 12:0 a.m., 38 views

Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 2.5 | EPSS 0.0151
Exploits 0 | References 1
CNNVD
added 2022/01/31 12:0 a.m., 4 views

Emlog Cross-Site Scripting Vulnerability

Emlog is a PHP and MySQL-based CMS website builder from Emlog personal developers. Emlog suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the web application. An attacker could use this vulnerability to execute JavaScript code ...

CVSS 4.8 | AI score 5.6 | EPSS 0.00617
Exploits 1 | References 3
Code423n4
added 2022/01/30 12:0 a.m., 10 views

Oracle data feed is insufficiently validated.

Handle: throttle. Vulnerability details. Impact: Price can be stale and can lead to wrong quoteAmount return value. Proof of Concept: Oracle data feed is insufficiently validated. There is no check for stale price and round completeness. Price can be stale and can lead to wrong quoteAmount return value...

AI score 7
Exploits 0
CNNVD
added 2022/01/28 12:0 a.m., 5 views

Calibre-Web Cross-Site Scripting Vulnerability

Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A security vulnerability exists in Calibre-Web before 0.6.16, which stems from the web application's lack of proper validation of client-side data. An attacker could exploit the vulnerability ...

CVSS 8.5 | AI score 7.3 | EPSS 0.00853
Exploits 1 | References 3
CNNVD
added 2022/01/28 12:0 a.m., 5 views

livehelperchat Cross-Site Scripting Vulnerability

livehelperchat is a chat via a live helper that provides free live support on a website. A security vulnerability exists in livehelperchat that stems from the web application's lack of proper validation of client data. An attacker can exploit the vulnerability to execute client-side code...

CVSS 5.4 | AI score 5.8 | EPSS 0.00547
Exploits 1 | References 3
OpenVAS
added 2022/01/28 12:0 a.m., 23 views

Mageia: Security Advisory (MGASA-2020-0400)

The remote host is missing an update for the...

CVSS 6.1 | AI score 5.9 | EPSS 0.82149
Exploits 0 | References 5
OpenVAS
added 2022/01/28 12:0 a.m., 27 views

Mageia: Security Advisory (MGASA-2021-0555)

The remote host is missing an update for the...

CVSS 8.8 | AI score 7.9 | EPSS 0.02073
Exploits 0 | References 4
OpenVAS
added 2022/01/28 12:0 a.m., 27 views

Mageia: Security Advisory (MGASA-2021-0565)

The remote host is missing an update for the...

CVSS 8.8 | AI score 8.3 | EPSS 0.07836
Exploits 0 | References 6
CNVD
added 2022/01/27 12:0 a.m., 17 views

Grav Cross-Site Scripting Vulnerability (CNVD-2022-07637)

A cross-site scripting vulnerability exists in versions of Grav prior to 1.7.28, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side...

CVSS 5.7 | AI score 3.5 | EPSS 0.01416
Exploits 1 | References 1
CNVD
added 2022/01/27 12:0 a.m., 12 views

ForestBlog Cross-Site Scripting Vulnerability

ForestBlog is a personal blog application. ForestBlog suffers from a cross-site scripting vulnerability that stems from the web application's lack of proper validation of client-side data. An attacker can exploit the vulnerability to execute JavaScript code on the client side...

CVSS 6.1 | AI score 6 | EPSS 0.00588
Exploits 1 | References 1
CNNVD
added 2022/01/26 12:0 a.m., 3 views

SPIP Cross-Site Scripting Vulnerability

SPIP is a Web-based content publishing system. A cross-site scripting vulnerability exists in SPIP, which stems from the lack of proper validation of client-side data by the web application. An attacker could exploit the vulnerability to execute client-side code...

CVSS 5.4 | AI score 5.3 | EPSS 0.00772
Exploits 0 | References 7
CNVD
added 2022/01/26 12:0 a.m., 18 views

WordPress Sendinblue plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Sendinblue prior to version 3.1.25, which...

CVSS 6.1 | AI score 6 | EPSS 0.0081
Exploits 2 | References 1
CNNVD
added 2022/01/26 12:0 a.m., 4 views

livehelperchat Cross-Site Scripting Vulnerability

livehelperchat is a chat via a live helper that provides free live support on a website. A cross-site scripting vulnerability exists in livehelperchat, which stems from a lack of proper validation of client data by the web application in Packagist remdex/livehelperchat in 3.93. An attacker can...

CVSS 6.5 | AI score 5.9 | EPSS 0.007
Exploits 1 | References 3
CNVD
added 2022/01/26 12:0 a.m., 25 views

WordPress Simple Download Monitor plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in versions prior to WordPress plugin Simple Download Monitor 3.9.11, which stems fr...

CVSS 3.5 | AI score 3.4 | EPSS 0.00611
Exploits 2 | Affected Software 1
CNVD
added 2022/01/25 12:0 a.m., 14 views

showdoc cross-site scripting vulnerability

showdoc is an open source tool ideal for IT teams to share documents online. showdoc suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the web application. An attacker could exploit the vulnerability to execute client-side code...

CVSS 6.5 | AI score 4.1 | EPSS 0.00642
Exploits 1 | References 1