UBUNTU-CVE-2020-6528

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

Saferwall - A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...

CVE-2020-6528

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

Unspecified Vulnerability in Google Chrome Basic Auth

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A security vulnerability exists in Basic Auth in versions prior to Google Chrome 84.0.4147.89, which stems from an incorrect security user interface and can be...

CVE-2020-1403

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'...

CVE-2020-10989

An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter...

basic-english.me Cross Site Scripting vulnerability OBB-1220507

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2019-19160

Reportexpress ProPlus contains a vulnerability that could allow an arbitrary code execution by inserted VBscript into the configure filerxp...

CVE-2019-20414

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in Issue Navigator Basic Search. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2...

Cross site scripting

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in Issue Navigator Basic Search. The affected versions are before version 7.13.9, and from version 8.0.0 before 8.4.2...

The vulnerability of the VBScript script handler in Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Internet Explorer is related to errors in memory object handling. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VBScript script handler in Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Internet Explorer is related to errors in memory object handling. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VBScript script handler in Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Internet Explorer is related to errors in memory object handling. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VBScript script handler in Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Internet Explorer is related to errors in memory object handling. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the VBScript script handler in Internet Explorer allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Internet Explorer is related to errors in memory object handling. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2020-4071

In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASICAUTHLOGIN and BASICAUTHPASSWORD is set. Currently the string comparison between configured credentials and the ones provided by users is...

PYSEC-2020-37

In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASICAUTHLOGIN and BASICAUTHPASSWORD is set. Currently the string comparison between configured credentials and the ones provided by users is...

CVE-2020-4071

CVE-2020-4071 applies to the django-basic-auth-ip-whitelist package prior to version 0.3.4. The issue is a timing-attack vulnerability caused by a character-by-character string comparison of configured BASIC_AUTH_LOGIN/BASIC_AUTH_PASSWORD against user input, which may allow an attacker within a l...

CVE-2020-4071 Timing attack on django-basic-auth-ip-whitelist

In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASICAUTHLOGIN and BASICAUTHPASSWORD is set. Currently the string comparison between configured credentials and the ones provided by users is...

Information Disclosure

djangobasicauthipwhitelist is vulnerable to information disclosure. The vulnerability exists through a timing attack through the applied string comparison function when basic authentication is used...