CVE-2021-0938

In memzeroexplicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2021-0377

In DeltaPerformer::Write of deltaperformer.cc, there is a possible use of untrusted input due to improper input validation. This could lead to a local bypass of defense in depth protections with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2018-16073

CVE-2018-16073 describes an attacker bypassing Chromium’s site isolation due to insufficient policy enforcement in Chrome’s site isolation prior to 69.0.3497.81. The CVE affects Google Chrome/Chromium and is listed among Chrome security updates (e.g.,Chromium 69.0.3497.81 fixes included in Fedora...

Microsoft SharePoint Server 2010 Service Pack 2 Word Automation Services Defense in Depth (KB4022197)

This host is missing a defense-in-depth update according to Microsoft KB4022197 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

cmseasy前台sql盲注(绕过union，sleep等函数，无需登录，无防御)

简要描述： cmseasy 前台sql盲注绕过union，sleep等函数，无需登录，无防御 详细说明： archiveact.php:line:27-33 front::checktype$this-pagesize; $announcement = new announcement; $this-view-announcements = $announcement-getrowsnull, 10; $this-view-usergroupid = 1000; front::checktypecookie::get'loginusername', 'safe';...

CVE-2011-5119

Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors...