36104 matches found
C-MOR Video Surveillance 5.2401 Remote Shell Upload
Advisory ID: SYSS-2024-026; Product: C-MOR Video Surveillance; Manufacturer: za-internet GmbH; Affected Versions: 5.2401; Tested Versions: 5.2401; Vulnerability Type: Unrestricted Upload of File with Dangerous Type (CWE-434); Risk Level: High; Solution Status: Fixed; Manufacturer Notification: 2024-04-05...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Cross Site Request Forgery
Advisory ID: SYSS-2024-022; Product: C-MOR Video Surveillance; Manufacturer: za-internet GmbH; Affected Versions: 5.2401, 6.00PL01; Tested Versions: 5.2401, 6.00PL01; Vulnerability Type: Cross-Site Request Forgery (CWE-352); Risk Level: Medium; Solution Status: Open; Manufacturer Notification: 2024-04-05...
BELL-CVE-2024-44987
Bulletin has no description...
BELL-CVE-2024-44970
Bulletin has no description...
The vulnerability in the full-screen notification mode of the Mozilla Firefox browser on Android operating systems allows a hacker to perform spoofing attacks.
The vulnerability in the full-screen notification mode of the Mozilla Firefox browser on Android operating systems relates to the absence of warnings about dangerous actions when loading pop-up windows for downloaded files. Exploiting this vulnerability allows a remote attacker to carry out...
CVE-2024-8410 ABCD ABCD2 otros_sitios.php path traversal
A vulnerability classified as problematic was found in ABCD ABCD2 up to 2.2.0-beta-1. This vulnerability affects unknown code of the file /abcd/opac/php/otros_sitios.php. The manipulation of the argument sitio leads to path traversal. The attack can be initiated remotely. The exploit has been...
CVE-2024-8388
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox for Android suffers from a spoofing vulnerability, which is caused due to a masked notification of transition to full-screen mode. An attacker can exploit this vulnerability to spoof th...
Security Vulnerabilities fixed in Firefox 130 — Mozilla
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. Multiple prompts a...
PT-2024-38972 · Unknown · Hm Courts & Tribunals Service Probate Back Office
Name of the Vulnerable Software and Affected Versions: HM Courts & Tribunals Service Probate Back Office, affected versions not specified. Description: A vulnerability was found in HM Courts & Tribunals Service Probate Back Office. It has been classified as problematic and affects an unknown functi...
GHSA-F3Q4-GGFP-JV34 Adyen APIs Library for Python timing attack vulnerability
Adyen has utility methods for validating notification HMAC signatures. The is_valid_hmac and is_valid_hmac_notification methods are vulnerable to a timing attack, you should compare the hash of the HMACs instead...
Adyen APIs Library for Python timing attack vulnerability
Adyen has utility methods for validating notification HMAC signatures. The is_valid_hmac and is_valid_hmac_notification methods are vulnerable to a timing attack, you should compare the hash of the HMACs instead...
PT-2024-40253 · Adyen · Adyen
Name of the Vulnerable Software and Affected Versions: Adyen, affected versions not specified. Description: The issue concerns the is_valid_hmac and is_valid_hmac_notification methods, which are vulnerable to a timing attack. To mitigate this, it is recommended to compare the hash of the HMACs...
PT-2024-38948 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific vulnerability. It appears to be a test case and not a valid exploit notification. No general information...
PT-2025-25434 · Xwiki · Xwiki
Name of the Vulnerable Software and Affected Versions: XWiki versions prior to 15.10.16; XWiki versions prior to 16.4.7; XWiki versions prior to 16.10.2. Description: The issue affects XWiki, a generic wiki platform. It occurs when a user without script right creates a document with an...
Mozilla Firefox Security Update (MFSA2024-33) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox Security Update (MFSA2024-33) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...