Cross site scripting

Snipe-IT before 6.0.14 is vulnerable to Cross Site Scripting XSS for View Assigned Assets...

Oracle VM VirtualBox 5.2.x < 5.2.34 / 6.0.x < 6.0.14 (Oct 2019 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.34 or 6.0.x prior to 6.0.14. It is, therefore, affected by multiple vulnerabilities as noted in the October 2019 Critical Patch Update advisory: - A vulnerability exists in the Oracle VM VirtualBox product of...

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37936)

Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker could exploit this vulnerability to cause Oracle VM VirtualBox to hang or crash frequently...

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-37930)

Oracle VM VirtualBox is cross-platform virtualization software for x86 systems. A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.34 and 6.0.14. An attacker could exploit this vulnerability to gain unauthorized access to critical data or full acce...

CVE-2019-2944

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

Fixed in Apache Tomcat 6.0.14

Low: Cross-site scripting CVE-2007-2449 JSPs within the examples web application did not escape user provided data before including it in the output. This enabled a XSS attack. These JSPs now filter the data before use. This issue may be mitigated by undeploying the examples web application. Note...