13 matches found
EUVD-2019-9556
Malware in sbrugna...
Access of Resource Using Incompatible Type ('Type Confusion')
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via the lack of limitation on max inlining ids ...
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...
CVE-2020-9350
Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...
CVE-2020-9350
Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...
Cross site scripting
Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...
CVE-2020-9350
CVE-2020-9350 affects SAS Visual Analytics 8.5, where the Graph Builder’s graph template can be directly accessed and exploited to trigger cross-site scripting (XSS) in the user's browser. The vulnerability is associated with the graph generator/templating mechanism, enabling attacker-supplied co...
CVE-2020-9350
Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...
Cross site scripting
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...
CVE-2019-19968
PandoraFMS 742 is affected by multiple stored XSS vulnerabilities in the Agent Management, Report Builder, and Graph Builder components. The root cause, as described across sources, is inadequate validation/sanitation of client data stored by the web application, which is later read and echoed in...
Chrome V8 JIT - 'GetSpecializationContext' Type Confusion
PoC: function optarg = = arg let tmp = opt.x; // LdaNamedProperty for ;; arg; yield; function inner tmp; break; for let i = 0; i arg; this; , opt let tmp = arg.x; for ;; arg; yield; tmp = inner tmp; ; for let i = 0; i 10000; i++ opt; What happened: 1. The LdaNamedProperty operation "opt.x" was...