19 matches found
CVE-2025-13717
creationtimestamp| type| source ---|---|--- 2026-01-09 13:26:56+00:00| seen| https://gist.github.com/Darkcrai86/1d69ce62eb6a596f6b8c86840faa80a0 2026-01-09 15:24:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbysk5s5ma2e...
WordPress Contact Form vCard Generator plugin <= 2.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'wp-gvc-cf-download-id' Parameter vulnerability
Missing Authorization to Unauthenticated Sensitive Information Exposure via 'wp-gvc-cf-download-id' Parameter vulnerability discovered by Sopon Tangpathum SoNaJaa - freelance in WordPress Plugin Contact Form vCard Generator versions = 2.4...
CVE-2024-13717 Contact Form and Calls To Action by vcita <= 2.7.1 - Missing Authorization to Authenticated (Subscriber+) Contact/Widget Toggle
The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcitaajaxtoggleae and vcitaajaxtogglecontact functions in all versions up to, and including, 2.7.1. This makes it possible for authenticat...
CVE-2020-13717
...
CVE-2020-13717
CVE-2020-13717 is rejected/not used and does not represent an active vulnerability entry.
Security update for chromium, re2 (important)
openSUSE Security Update: Security update for chromium, re2 Announcement ID: openSUSE-SU-2020:0010-1 Rating: important References: 1154806 Cross-References: CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707...
CVE-2019-13717
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page...
CVE-2019-13717
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page...
UBUNTU-CVE-2019-13717
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page...
CVE-2019-13717
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page...
CVE-2019-13717
CVE-2019-13717 is a vulnerability in Google Chrome/Chromium prior to 78.0.3904.70 where the security UI could be obscured in full-screen mode via a crafted HTML page, enabling a remote attacker to hide security UI. The issue is categorized under a user-interface spoof/content-security context, wi...
CVE-2019-13717
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page...
RHEL 6 : chromium-browser (RHSA-2019:3759)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3759 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 78.0.3904.70. Security Fixes:...
Important: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 78 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 78.0.3904.70 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
CVE-2017-13717
creationtimestamp| type| source ---|---|--- 2019-06-11 02:31:21+00:00| seen| https://t.me/cibsecurity/4823...
CVE-2017-13717
The CVE-2017-13717 issue affects Starry Station (Starry Router). The product exposes a webserver with Access-Control-Allow-Origin: *, enabling cross-origin requests from any hosted page. This misconfiguration allows an attacker to access device endpoints via the user’s browser, and, as described,...
CVE-2018-13717
The CVE-2018-13717 entry concerns a smart contract vulnerability in HormitechToken (Ethereum). The mintToken function reportedly contains an integer overflow, enabling the contract owner to arbitrarily set any user’s balance to a chosen value. Documents consistently describe this as an overflow i...
BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting
BEA WebLogic 7.08.1 - Administration Console LoginForm.jsp Cross-Site Scripting source: https://www.securityfocus.com/bid/13793/info BEA WebLogic Server And WebLogic Express are affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitiz...