CVE-2019-13670

Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2019-13675

Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page...

Pivotal Software RabbitMQ Cross-Site Scripting Vulnerability

Pivotal Software RabbitMQ is the United States Pivotal Software, Inc. of a set of implementation of the Advanced Message Queuing Protocol AMQP open source message broker software. A cross-site scripting vulnerability exists in Pivotal Software RabbitMQ. The vulnerability stems from a lack of prop...

The vulnerability of Microprogramming Software, Intel Converged Security and Manageability Engine (CSME), and Intel Trusted Execution Engine (TXE) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of Intel Active Management Technology’s microprogramming software, related to insufficient validation of input data, allows attackers to disclose protected information.

The vulnerability of Microprogramming Software under Intel Active Management Technology AMT is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of Microprogramming Software, Intel Converged Security and Manageability Engine (CSME), and Intel Trusted Execution Engine (TXE) arises from insufficient validation of input data, allowing attackers to disclose protected information.

The vulnerability of Microprogramming Software Intel Converged Security and Manageability Engine CSME and Intel Trusted Execution Engine TXE is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose protected information...

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2019-42820)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2019-42822)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

Matomo Cross-Site Scripting Vulnerability

matomo is an open source web analytics application based on PHP and MySQL. A cross-site scripting vulnerability exists in matomo versions prior to 1.10.1. The vulnerability stems from the WEB application w failing to properly validate client-side data. An attacker can exploit the vulnerability to...

Moodle Cross-Site Scripting Vulnerability (CNVD-2019-43888)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in Moodle versions 3.7 through 3.7.2, which stems from a lack of proper validation of clien...

AngularJS Cross-Site Scripting Vulnerability

AngularJS is a TypeScript-based open source web application framework. A cross-site scripting vulnerability exists in AngularJS, which stems from the lack of proper validation of client-side data in a WEB application and can be exploited by an attacker to execute client-side code...

Ilch Cross-Site Scripting Vulnerability

Ilch is an open source content management system CMS. A cross-site scripting vulnerability exists in Ilch. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side code...

Xoops Cross-Site Scripting Vulnerability (CNVD-2019-42844)

Xoops is an open source PHP and MySQL based content management system from the Xoops team. The system can be used to create online communities. Xoops suffers from a cross-site scripting vulnerability. The vulnerability stems from a lack of proper validation of client-side data by the WEB...

WordPress download-plugins-dashboard plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress download-plugins-dashboard plugin. The...

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of measures to sanitize input data, allowing a intruder to execute arbitrary code.

The vulnerability of Advantech WebAccess remote monitoring software lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

Apache Hadoop Buffer Overflow Vulnerability

Apache Hadoop is the United States Apache Apache Software Foundation's set of open source distributed systems infrastructure. A buffer overflow vulnerability exists in Apache Hadoop. The vulnerability stems from a network system or product performing operations in memory without properly validati...

Magento cross-site scripting vulnerability (CNVD-2020-52442)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in Magento version 2.2 and 2.3. The vulnerability stems from a lack o...

SITOS six Build Cross-Site Scripting Vulnerability

SITOS is a modular e-learning system. The system includes features such as audio playback, video playback, forums, blogs and social media. A cross-site scripting vulnerability exists in the blog feature in SITOS six Build v6.2.1. The vulnerability stems from the WEB application lacking proper...

SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2019-42431)

SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. A cross-site scripting vulnerability exists in SAP Business Objects...

TYPO3 cross-site scripting vulnerability (CNVD-2019-41233)

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 versions prior to 4.3.12, 4.4.x prior to 4.4.9 and 4.5.x prior to 4.5.4. The vulnerability stems from a lack of proper validation of...