MINI-8439-7FH4-GGWG

Bulletin has no description...

ChaCha20‑Poly1305 AEAD Production Decryptor

This C implementation provides a secure ChaCha20‑Poly1305 decryption function fully compliant with RFC 8439...

CGA-2JPM-8439-4427

Bulletin has no description...

CVE-2025-8439

A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /controllers/updatesettings.php. The manipulation of the argument Password leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-8439

A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /controllers/updatesettings.php. The manipulation of the argument Password leads to sql injection. The attack may be initiated remotely. The...

CVE-2020-8439

Monstra CMS through 3.0.4 allows remote authenticated users to take over arbitrary user accounts via a modified login parameter to an edit URI, as demonstrated by login=victim to the users/21/edit URI...

Mageia: Security Advisory (MGASA-2014-0497)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RUSTSEC-2019-0029 ChaCha20 counter overflow can expose repetitions in the keystream

The ChaCha20 stream cipher can produce a maximum of 2^32 blocks 256GB before the 32-bit counter overflows. Releases of the chacha20 crate prior to v0.2.3 allow generating keystreams larger than this, including seeking past the limit. When this occurs, the keystream is duplicated, with failure mod...

CVE-2019-8439

DiliCMS 2.4.0 has a Stored XSS vulnerability in the site_domain field (second textbox) under System setting -> site setting in admin/index.php. CNVD-2019-07939 notes this allows a remote attacker to inject arbitrary script/HTML; the CMS is described as based on CodeIgniter. No exploit specific...

CVE-2019-8439

An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the second textbox of "System setting-site setting" of admin/index.php, aka sitedomain...

Remote code execution

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...

CVE-2018-8439

CVE-2018-8439 describes a remote code execution vulnerability in Microsoft Windows Hyper‑V. The issue arises when Hyper‑V on a host fails to properly validate input coming from an authenticated user on a guest operating system. Affected products include Windows Server 2012 R2, Windows RT 8.1, Win...

KB4457128: Windows 10 Version 1803 and Windows Server Version 1803 September 2018 Security Update

The remote Windows host is missing security update 4457128. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way...

KB4457143: Windows 8.1 and Windows Server 2012 R2 September 2018 Security Update

The remote Windows host is missing security update 4457143 or cumulative update 4457129. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could...

Elastic Kibana 'CVE-2017-8439' Cross-site scripting (XSS) Vulnerability - Linux

Elastic Kibana is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Elastic Kibana 'CVE-2017-8439' Cross-site scripting (XSS) Vulnerability - Windows

Elastic Kibana is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-8439

Kibana version 5.4.0 was affected by a Cross Site Scripting XSS bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users...

CVE-2017-8439

Kibana 5.4.0 has a Cross-Site Scripting (XSS) vulnerability in the Time Series Visual Builder (CVE-2017-8439) that could allow a Kibana user’s data to be exposed. The Connected documents provide CVSS metrics (v3 base 6.1 MEDIUM, network access, user interaction required) and confirm the affected ...

CVE-2016-8439

Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR1027804...

CVE-2016-8439

Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR1027804...