5836 matches found
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Microsoft Windows Camera Codec Pack Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
HCL Digital Experience Cross-Site Scripting Vulnerability
HCL Technologies Digital Experience is a suite of digital experience platforms and content delivery solutions from HCL Technologies India. A cross-site scripting vulnerability exists in HCL Digital Experience versions 8.5, 9.0 and 9.5. The vulnerability stems from the lack of proper validation of...
Microsoft Windows Camera Codec Pack Image Processing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LQS...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2020-17416
CVE-2020-17416 affects Foxit Reader (and related Foxit PhantomPDF components) where the flaw is in JPEG2000 image parsing. The vulnerability is an out-of-bounds write that can allow remote code execution in the context of the affected process. It requires user interaction (target must open a mali...
CVE-2020-17413
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
chromium-browser: Insufficient data validation in dialogs
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...
CVE-2020-8821
An improper data validation vulnerability exists in Webmin 1.941 and earlier, affecting the Command Shell Endpoint. A user may enter HTML code into the Command field and submit it. Then, after visiting the Action Logs Menu and displaying logs, the HTML code will be rendered; however, JavaScript is...
Input validation
An improper data validation vulnerability exists in Webmin 1.941 and earlier, affecting the Command Shell Endpoint. A user may enter HTML code into the Command field and submit it. Then, after visiting the Action Logs Menu and displaying logs, the HTML code will be rendered; however, JavaScript is...
CVE-2020-8821
Affected software: Webmin 1.941 and earlier. Root cause: Improper data validation in the Command Shell Endpoint allows HTML to be submitted in the Command field; HTML is rendered in Action Logs and across users, with no JavaScript execution. Impact: HTML rendering in logs and cross-user persisten...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability (CNVD-2020-61955)
Cisco Identity Services Engine (ISE) is an identity-based environment-awareness platform from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A cross-site scripting...
Cisco IOS XE on Cisco Catalyst 9000 Series network devices: insufficient input data validation allows attackers to trigger service interruptions
A vulnerability in the Cisco IOS XE operating system of Cisco Catalyst 9000 Series network devices is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service interruptions...
CVE-2020-15978
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page...
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2020-15977
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...
RHEL 6 : chromium-browser (RHSA-2020:4206)
The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4206 advisory. Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 85.0.4183.121. Security Fixes:...