Microsoft Internet Explorer Buffer Overflow Vulnerability (CNVD-2020-13691)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. A buffer overflow vulnerability exists in the way memory objects are handled in Microsoft IE 9, 10, and 11. The vulnerability stems from a network system or product...

Apache NiFi Cross-Site Scripting Vulnerability (CNVD-2020-04926)

Apache NiFi is a data-flow based data processing and distribution system of the Apache Apache Software Foundation, USA. The system supports the configuration and transformation of data routing indicator maps and system intermediary logic. A cross-site scripting vulnerability exists in Apache NiFi...

Google TensorFlow Code Issues Vulnerabilities

TensorFlow is an end-to-end open source platform for machine learning. A code issue vulnerability exists in Google TensorFlow. The vulnerability stems from a networked system or product that does not properly validate incoming data. No details of the vulnerability are provided at this time...

ASUS WRT-AC66U Cross-Site Scripting Vulnerability (CNVD-2020-04914)

The ASUS WRT-AC66U is a product of Asus Taiwan, China. A cross-site scripting vulnerability exists in the ASUS WRT-AC66U. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Adobe FrameMaker TGA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

CVE-2020-6416

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6416

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Input validation

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6416

CVE-2020-6416 affects Chromium-based Chromium/Google Chrome prior to 80.0.3987.87 in the streams component. The root cause is insufficient data validation in streams, enabling a remote attacker to potentially trigger heap corruption via a crafted HTML page. Public advisories (Debian, Arch Linux A...

CVE-2020-6416

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6416

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

Unspecified Vulnerability in PlaySMS

PlaySMS is a web-based SMS platform. The platform supports connectivity to SMS gateways, personal messaging systems, and corporate group communication tools. A security vulnerability exists in PlaySMS. The vulnerability stems from a web-based system or product that does not properly validate...

GitLab Cross-Site Scripting Vulnerability (CNVD-2020-04574)

GitLab is a Ruby on Rails developed, self-hosted, Git version control system project repository application from GitLab, Inc. The program can be used to access the project's file contents, commit history, bug list , etc. Git is a free, open source distributed version control system. A cross-site...

Zimbra Collaboration Cross-Site Scripting Vulnerability (CNVD-2020-05086)

Zimbra Collaboration is a suite of email and collaboration solutions from Zimbra USA. The solution offers email, contacts, calendaring, file sharing, social networking, and more. A cross-site scripting vulnerability exists in Zimbra Collaboration. The vulnerability stems from the WEB application'...

WSO2 API Manager Cross-Site Scripting Vulnerability (CNVD-2020-05092)

WSO2 API Manager is an open source api management platform , provides a series of api creation , release , lifecycle management , version control , monetization, governance and security features , used to support organizations to achieve soa. A cross-site scripting vulnerability exists in WSO2 AP...

Lustre mdt module input validation error vulnerability

Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre mdt is a module. An input validation error vulnerability exists in the Lustre mdt module. The vulnerability stems from a network system or product that does not properly...

Lustre mdt module buffer overflow vulnerability

Lustre is a parallel distributed file system typically used in large computer clusters and supercomputers, of which Lustre mdt is a module. A buffer overflow vulnerability exists in the Lustre mdt module. The vulnerability stems from a networked system or product performing operations in memory...

FortiSIEM Cross-Site Scripting Vulnerability

Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation and unified management. A cross-site scripting vulnerability exists in FortiSIEM. The vulnerability...

Dolibarr cross-site scripting vulnerability (CNVD-2020-04932)

Dolibarr is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr. The...