16 matches found
CVE-2026-13822
The CVE describes an inappropriate implementation in Google Chrome extensions on Android prior to version 150.0.7871.47, where a user-supplied malicious extension could bypass the same-origin policy via a crafted extension. Affected product: Chrome for Android; root cause: faulty extension handli...
CVE-2024-13822
The Photo Contest | Competition | Video Contest WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13822
The Photo Contest | Competition | Video Contest WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13822
The CVE-2024-13822 entry concerns the WordPress plugin Total Contest Lite (Photo Contest | Competition | Video Contest) up to version 2.8.1, which outputs an unsanitized parameter, enabling a Reflected XSS. Connected sources corroborate a reflected-XSS issue in Total Contest Lite (versions ≤ 2.8....
CVE-2024-13822 Total Contest Lite <= 2.8.1 - Reflected XSS
The Photo Contest | Competition | Video Contest WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Nginx Source Code Disclosure/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.4 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update
An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2020-13822
The Elliptic package for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature...
CVE-2020-13822
CVE-2020-13822 concerns the Elliptic package for Node.js (notably versions around 6.5.2) and describes ECDSA signature malleability caused by variations in encoding, leading to spurious or non-canonical signatures (e.g., leading '\0' bytes) and potential security impact if a single canonical sign...
CVE-2018-13822
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information...
CVE-2018-13822
CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below are affected by CVE-2018-13822 due to unprotected storage of credentials. This allows attackers to access sensitive information. The connected documents confirm the affected versions and the credential storage issue; no...
CVE-2018-13822
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information...
CVE-2017-13822
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app...
CVE-2017-13822
CVE-2017-13822 affects macOS up to 10.13.0; the issue is in the Quick Look component, allowing a crafted app to bypass memory-read restrictions and read restricted memory. Affected product/area: macOS Quick Look. Root cause: memory-restriction bypass via crafted app. Impact: attacker can read res...
dtdc.in XSS vulnerability
Vulnerable URL: http://www.dtdc.in/location-finder.asp Details: Patched: No; Latest check for patch: 28.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 13822; VIP website status: Yes; Check dtdc.in SSL connection: Grade: F...