3642 matches found
CVE-2021-41427
Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting XSS via the choosemac parameter to setup.cgi...
CVE-2021-41426
Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery CSRF via mgtenduser.htm...
CVE-2021-41426
Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery CSRF via mgtenduser.htm...
CVE-2021-41427
Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting XSS via the choosemac parameter to setup.cgi...
Cross site request forgery (csrf)
Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery CSRF via mgtenduser.htm...
Cross site scripting
Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting XSS via the choosemac parameter to setup.cgi...
CVE-2021-41426
Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery CSRF via mgtenduser.htm...
CVE-2021-41426
CVE-2021-41426 affects Beeline Smart Box 2.0.38, with a CSRF vulnerability exposed via the mgt_end_user.htm page. The CVE entry is supported by multiple sources (NVD, Red Hat, CVE List, etc.). The issue is described as vulnerable to CSRF, but the connected documents do not provide explicit exploi...
CVE-2021-41427
Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting XSS via the choosemac parameter to setup.cgi...
CVE-2021-41427
Beeline Smart Box 2.0.38 is vulnerable to a Cross Site Scripting (XSS) flaw in the setup.cgi endpoint, exploitable via the choose_mac parameter. The issue is documented under CVE-2021-41427. Affected component: the web interface handling setup.cgi; vulnerability type: XSS. Impact details in the p...
Mozilla: Javascript alert box could have been spoofed onto an arbitrary domain
Due to an unusual sequence of attacker-controlled events, a Javascript alert dialog with arbitrary although unstyled contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...
Connect Box EuroDOCSIS 3.0 Voice Gateway 操作系统命令注入漏洞
The Connect Box EuroDOCSIS 3.0 Voice Gateway is a home voice gateway device. An operating system command injection vulnerability exists in Connect Box EuroDOCSIS 3.0 Voice Gateway that allows an attacker with privileges and network access to execute commands on the device via the ping.cmd compone...
Beeline Smart Box 跨站脚本漏洞
Beeline Smart Box is a wireless router from the Russian company Beeline. A security vulnerability exists in Beeline Smart box 2.0.38, which stems from the choosemac parameter of setup.cgi and is susceptible to cross-site scripting XSS attacks...
Beeline Smart Box 跨站请求伪造漏洞
Beeline Smart Box is a wireless router from the Russian company Beeline. A security vulnerability exists in Beeline Smart box 2.0.38, which stems from mgtenduser.htm being susceptible to cross-site request forgery CSRF attacks...
RHEL 8 : firefox (RHSA-2021:4605)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4605 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CentOS 8 : thunderbird (CESA-2021:4130)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4130 advisory. - Mozilla: iframe sandbox rules did not apply to XSLT stylesheets CVE-2021-38503 - Mozilla: Use-after-free in file picker dialog CVE-2021-38504 -...
RHEL 8 : thunderbird (RHSA-2021:4132)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4132 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla:...
RHEL 8 : thunderbird (RHSA-2021:4130)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4130 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla:...
RLSA-2021:4130 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.3.0. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules did not apply to XS...
Mozilla Firefox has an unspecified vulnerability (CNVD-2021-101164)
Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable due to an unusual sequence of events controlled by an attacker, and alert can therefore display arbitrary albeit unstyled content on top of an uncontrolled page of the attacker's choice...