CVE-2020-11696
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages community, essential, professional in version 2.7.0 and iTop essential and iTop professional in version 2.6.4...
CVE-2020-11696
CVE-2020-11696 is a stored XSS issue in Combodo iTop where a menu shortcut name could be exploited. The description specifies affected iTop packages and versions, with a fix in all iTop packages in version 2.7.0 and in iTop essential and iTop professional in version 2.6.4. Connected sources refer...
PT-2020-12783 · Comodo +1 · Itop +1
Name of the Vulnerable Software and Affected Versions: iTop versions prior to 2.6.4; iTop versions prior to 2.7.0. Description: The issue concerns a stored XSS payload that can be exploited through a menu shortcut name in iTop. Recommendations: For versions prior to 2.6.4, update to version 2.6.4 o...
Unable to add Nutanix AHV cluster due to empty credentials list
Challenge: When trying to add a new Nutanix AHV cluster to the Veeam Backup & Replication infrastructure, the operation cannot be finished due to an empty list of credentials. Newly added credentials are not displayed in the Credentials list, and the wizard does not allow adding a new cluster...
How to force Self Service to Refresh Start Menu Apps / Desktop Shortcuts on logon
Allow the users to have the latest Apps upon logon and not having to wait for a timed Refresh to occur...
Access Restriction Bypass
Dolibarr is vulnerable to access restriction bypass. Loading of menu manager is not handled properly, therefore allowing an attacker to bypass the restrictions via the non-alphanumeric menu parameter in core/getmenudiv.php...
CVE-2020-12669
core/getmenudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter...
UBUNTU-CVE-2020-12669
core/getmenudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter...
SUSE-SU-2020:1198-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution (bsc#1170643). Non-security issues fixed: - Update to version 2.28.2 (bsc#1170643): + Fix excessive CPU usage due to GdkFrameClock...
Generator-Burp-Extension - Everything You Need About Burp Extension Generation
Everything You Need About Burp Extension Generation. Installation: First, install Yeoman and generator-burp-extension using npm (we assume you have pre-installed node.js): npm install -g yo, then npm install -g generator-burp-extension. Then generate your new project: yo burp-extension. Burp Extension featur...
Fedora 30 : webkit2gtk3 (2020-bd170e803f)
Update to 2.28.2: - Fix excessive CPU usage due to GdkFrameClock not being stopped. - Fix UI process crash when EGL_WL_bind_wayland_display extension is not available. - Fix position of select popup menus in X11. - Fix playing of YouTube live stream/H264 URLs. - Fix several crashes and rendering...
CVE-2020-5567
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu...
Cybozu Garoon License Issue Vulnerability
Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An authorization issue vulnerability exists in Cybozu Garoon versions 4.0.0 to 4.10.3. A remote attacker can...
CVE-2019-20789
Croogo is affected in versions before 3.0.7. The vulnerability is a Cross-Site Scripting (XSS) flaw triggered by crafting a malicious title that is submitted to admin/menus/menus or admin/taxonomy/vocabularies, with the impact being script execution when a user views the page. The root cause, as ...
Description of the security update for SharePoint Foundation 2010: April 14, 2020
Summary: This security update resolves remote code execution vulnerabilities that exist in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about these...
You can't open the "Devices" menu in PC Settings in Windows 8.1 or Windows Server 2012 R2
This article describes an issue that occurs when you try to open the Devices menu in PC Settings in Windows 8.1, Windows RT 8.1, or Windows Server 2012 R2. An update is available to fix this issue. Before yo...
CVE-2016-5254
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt...