6680 matches found
CVE-2018-4911
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API related to bookmark functionality. The...
vinnitsa.com XSS vulnerability
Open Bug Bounty ID: OBB-567772 Description| Value ---|--- Affected Website:| vinnitsa.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
OPENSUSE-SU-2018:0534-1 Security update for phpMyAdmin
This update for phpMyAdmin 4.7.8 fixes the following issues: - CVE-2018-7260: self-cross site scripting XSS vulnerability in the central columns feature boo1082188 This version also fixes some minor functionality bugs. The previous update already fixed CVE-2017-1000499...
OPENSUSE-SU-2018:0536-1 Security update for phpMyAdmin
This update for phpMyAdmin 4.7.8 fixes the following issues: - CVE-2018-7260: self-cross site scripting XSS vulnerability in the central columns feature boo1082188 This version also fixes some minor functionality bugs. The previous update already fixed CVE-2017-1000499...
reality.ba XSS vulnerability
Open Bug Bounty ID: OBB-564843 Description| Value ---|--- Affected Website:| reality.ba Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Medium: dhcp
Issue Overview: Omapi code doesn't free socket descriptors when empty message is received allowing denial-of-service It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able to connect to the OMAPI port could use this flaw to...
onnuri.org XSS vulnerability
Open Bug Bounty ID: OBB-563224 Description| Value ---|--- Affected Website:| onnuri.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
petatlan.infored.com.mx XSS vulnerability
Open Bug Bounty ID: OBB-560203 Description| Value ---|--- Affected Website:| petatlan.infored.com.mx Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Microsoft Windows Multiple Vulnerabilities (KB4074596)
This host is missing a critical security update according to Microsoft KB4074596 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
`tempdir` crate has been deprecated; use `tempfile` instead
The tempdir crate has been deprecated and the functionality is merged into tempfile...
Document signing deprecation in XPS Viewer
Microsoft has deprecated the Document Signing functionality in XPS Viewer. This functionality relied upon the SHA-1 algorithm and is part of our overall effort to remove this algorithm from our products. This change impacts XPS Viewer on all supported versions of Windows. FAQ 1. I need to use thi...
CVE-2018-5307
Multiple cross-site scripting XSS vulnerabilities in Sonatype Nexus Repository Manager aka NXRM 2.x before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via 1 the repoId or 2 format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; 3 the filename...
[SECURITY] Fedora 27 Update: tomcat-native-1.2.16-1.fc27
Tomcat can use the Apache Portable Runtime to provide superior scalability, performance, and better integration with native server technologies. The Apache Portable Runtime is a highly portable library that is at the heart of Apache HTTP Server 2.x. APR has many uses, including access to advanced...
drim.es XSS vulnerability
Open Bug Bounty ID: OBB-555635 Description| Value ---|--- Affected Website:| drim.es Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
[SECURITY] Fedora 26 Update: jackson-databind-2.7.6-8.fc26
General data-binding functionality for Jackson: works on core streaming API...
CVE-2018-4877
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player's quality of service functionality. A successful attack can lead to arbitrary code execution...
Mail.ru: Хранимая XSS ( API )
Stored XSS via saved signature in Mail.Ru Mail mail compose functionality...
eelighting.ca XSS vulnerability
Open Bug Bounty ID: OBB-547888 Description| Value ---|--- Affected Website:| eelighting.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-14521
In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload...
CVE-2017-14521
In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload...