Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications and forms. The solution supports mobile content management, marketing and sales campaign management, and multi-site management, etc. A cross-site scripting vulnerabilit...

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

The vulnerability of the HarmonyOS operating system’s kernel arises from insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the HarmonyOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

The vulnerability of the HarmonyOS operating system’s kernel arises from insufficient validation of input data, allowing attackers to trigger service failures.

The vulnerability of the HarmonyOS operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 5 security fixes, including: 1263457 Critical CVE-2021-4098: Insufficient data validation in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-10-26 1270658 High CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin of...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1582-1 Rating: important References: 1192310 1192734 1193519 Cross-References: CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012...

Insecure Authentication

qt5-qtwebengine has insecure authentication. An insufficient data validation security issue has been found in the loader component of the Chromium browser engine...

ZZZCMS Cross-Site Scripting Vulnerability

ZZZCMS is a content management system CMS from the ZZZCMS team in China. ZZZCMS suffers from a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied and output data in the editfile action of /adminxxx/save.php. An attacker could exploit the...

Belloo Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in versions of Belloo prior to 4.2.7.7, which allows attackers to filter user-supplied data and output data via the aerror description parameter in the assets/sources/instagram.php script. description parameter in the assets/sources/instagram.php script...

74 CMS Cross-Site Scripting Vulnerability (CNVD-2021-99667)

74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Co. 74CMS has a cross-site scripting vulnerability in version v6.0.4, which originates from /index.php?m=&c=help&a=helplist&key missing a data validation filter for user-supplied data and output. An attacker coul...

DouPHP Cross-Site Scripting Vulnerability (CNVD-2022-03909)

DouPHP is a lightweight enterprise content management system CMS from China DouShell Network Technology, Inc. A cross-site scripting vulnerability exists in DouPHP, which stems from a lack of data validation filtering of user-supplied and output data in /admin/cloud.php. An attacker could exploit...

Gryphon Tower Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Gryphon Tower, a wireless router from Gryphon. The vulnerability stems from a lack of user-supplied data and output data validation filtering in the url parameter of cgi-bin/luci/siteaccess/, which can be exploited to execute client-side JavaScript...

KNIME Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Knime, the Swiss company's enterprise software for putting data science workflows into production. knime stems from the lack of proper validation of client-side data by the WEB application, which can be exploited by attackers to execute client-side...

Chromium: CVE-2021-4059 Insufficient data validation in loader

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome Security Updates (stable-channel-update-for-desktop-2021-02) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

WordPress Online Booking and Scheduling Plugin Cross-Site Scripting Vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Online Booking and Scheduling plugin has a cross-site scripting vulnerability in versions prior to 20.3.1,...

WordPress LoginWP plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress LoginWP plugin has a cross-site scripting vulnerability in versions prior to 3.0.0.5, which...

WordPress PDF.js Viewer plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress PDF.js Viewer plugin has a cross-site scripting vulnerability in versions prior to 2.0.2, whi...

WordPress Photo Gallery by 10Web plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Photo Gallery by 10Web plugin before 1.5.68 has a cross-site scripting vulnerability, which stems fro...

The vulnerability of the Azure RTOS operating system, which arises due to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of the Azure RTOS exists due to insufficient checking of input data. Exploiting this vulnerability can allow attackers to increase their privileges...