Adobe FrameMaker GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GI...

Bolt CMS Cross-Site Scripting Vulnerability (CNVD-2020-35955)

Bolt CMS is a PHP-based open source content management system for the Bolt community. A cross-site scripting vulnerability exists in Bolt CMS versions prior to 3.7.1. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

Microsoft Windows Media Foundation Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Media...

Neon theme cross-site scripting vulnerability

Bootstrap is a use of HTML, CSS and JavaScript development of open source web front-end framework . Neon theme is used in one of the theme plugin . A cross-site scripting vulnerability exists in Neon theme 2.0 and later versions prior to 2020-06-03 Bootstrap, which stems from a lack of proper...

Cybele Software Thinfinity VirtualUI Cross-Site Scripting Vulnerability

Cybele Software Thinfinity VirtualUI is a solution from Cybele Software that supports embedding remote Windows applications into standard Web applications, allowing two-way interaction with Javascript programming. A cross-site scripting vulnerability exists in Cybele Software Thinfinity VirtualUI...

IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2020-32644)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A cross-site scripting vulnerability exists in IBM Security Guardium...

October CMS Cross-Site Scripting Vulnerability (CNVD-2020-38888)

October CMS is an open source content management system CMS based on PHP and Laravel web application framework. A cross-site scripting vulnerability exists in October CMS composer versions 1.0.319 and later fixed in version 1.0.466. The vulnerability stems from a lack of proper validation of...

Django Cross-Site Scripting Vulnerability (CNVD-2020-53544)

Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes object-oriented mapper , view system , template system and so on. A cross-site scripting vulnerability exists in Django version 2.2 before 2.2.13 and version 3.0...

KLA11796 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Da...

Codeorigin Sysax Multi Server Cross-Site Scripting Vulnerability

Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A cross-site scripting vulnerability exists in Codeorigin Sysax Multi Server version 6.90. The vulnerability stems from a lack of proper validation of client data by the WEB...

Bitrix24 Web Application Firewall Cross-Site Scripting Vulnerability

Bitrix24 is a suite of enterprise social platforms from Bitrix, USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management.Web Application Firewall is one of the Web Application Firewalls. A cross-site scripting vulnerability...

The vulnerabilities of SIPROTEC relay protection devices stem from insufficient validation of input data, allowing attackers to trigger malfunctions in the service.

The vulnerability of SIPROTEC relay protection devices is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to trigger a service failure using specially created packets sent to port 50000/UDP...

Cross-site scripting vulnerability in WebKit component of multiple Apple products (CNVD-2020-43687)

Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.WebKit is one of the web browser engine components. A cross-site scripting vulnerability exists in the WebKit component of several App...

Apple macOS AudioToolboxCore AIFF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Inductive Automation Ignition Code Issue Vulnerability (CNVD-2020-34643)

Inductive Automation Ignition is a suite of integrated software platforms for SCADA systems from Inductive Automation, Inc. The platform supports SCADA data acquisition and monitoring systems, HMI human machine interface and more. A code issue vulnerability exists in Inductive Automation Ignition...

Grafana Cross-Site Scripting Vulnerability (CNVD-2020-31669)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. Grafana suffers from a cross-site scripting vulnerability. The vulnerability stems fro...

Grafana piechart-panel cross-site scripting vulnerability

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus etc. piechart-panel is one of the pie chart plugin. A cross-site scripting vulnerability exists in Grafan...

Gila CMS Cross-Site Scripting Vulnerability (CNVD-2020-34658)

Gila CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS versions prior to 1.11.6. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

ocProducts Composr CMS Cross-Site Scripting Vulnerability

ocProducts Composr CMS is the UK ocProducts company's set of open source content management system CMS written in PHP language . A cross-site scripting vulnerability exists in ocProducts Composr CMS version 10.0.30. The vulnerability stems from a lack of proper validation of client-side data by t...

Google Chrome Security Update (stable-channel-update-for-desktop_19-2020-05) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...