378 matches found

OSV
added 2020/05/21 4:15 a.m. · 7 views

CVE-2020-6483

Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

6.5 CVSS · 8.5 AI score
Exploits 0 · References 9

CNVD
added 2020/04/22 12:00 a.m. · 7 views

OpenSSL Code Issues Vulnerabilities

OpenSSL is an open-source, general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. The product supports a variety of cryptographic algorithms, including symmetric ciphers, hash algorithms,...

7.5 CVSS · 7.9 AI score · 0.53336 EPSS
Exploits 2 · References 1

CNVD
added 2020/04/02 12:00 a.m. · 7 views

Unspecified vulnerability in Parrot ANAFI (CNVD-2021-27990)

The Parrot ANAFI is a drone device. A security vulnerability exists in the Parrot ANAFI that can be exploited by a remote attacker to disconnect the drone from its controller during flight...

7.8 CVSS · 6.9 AI score · 0.01534 EPSS
Exploits 0 · References 1

OSV
added 2020/02/27 11:15 p.m. · 5 views

CVE-2020-6383

Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS · 8.6 AI score
Exploits 0 · References 6

Positive Technologies
added 2020/01/14 12:00 a.m. · 3 views

PT-2020-1540 · Oracle · Oracle Net +4

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c
Description: The issue is related to inadequate access control in the Oracle ODBC database gateway, which can be exploited by a remote attacker to cause a denial of servic...

5.9 CVSS · 6.2 AI score · 0.01466 EPSS
Exploits 0 · References 6

OSV
added 2020/01/03 11:15 p.m. · 5 views

CVE-2019-5845

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5 CVSS · 8.7 AI score
Exploits 0 · References 6

BDU FSTEC
added 2019/12/26 12:00 a.m. · 7 views

The vulnerability of the resident relational SAP HANA database, which exists due to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of the resident relational SAP HANA database exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8 CVSS · 7.2 AI score · 0.01075 EPSS
Exploits 0 · References 4 · Affected Software 1

OSV
added 2019/11/25 3:15 p.m. · 5 views

CVE-2019-13724

Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS · 8.7 AI score
Exploits 0 · References 7

OSV
added 2019/11/25 3:15 p.m. · 4 views

CVE-2019-13717

Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page...

4.3 CVSS · 8.1 AI score
Exploits 0 · References 3

Check Point Advisories
added 2019/07/17 12:00 a.m. · 0 views

HTTP Unauthorized Brute Force Attempt

A remote attacker can exploit this vulnerability by using an HTTP brute force attempt. These attacks aim to cause the server to crash or become unresponsive...

1.2 AI score
Exploits 0

Cvelist
added 2019/06/27 4:13 p.m. · 26 views

CVE-2018-6156

Incorrect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

8.5 AI score · 0.00861 EPSS
Exploits 0 · References 3

CVE
added 2019/05/16 4:12 p.m. · 49 views

CVE-2018-12556

CVE-2018-12556 affects the yarnpkg/website install.sh signature verification: it only checks that the release is signed by any key in the user’s local keyring, not pinned to the yarn release key, enabling remote attackers to sign tampered yarn packages with their own key. Public documents note un...

5.9 CVSS · 6.6 AI score · 0.01775 EPSS
Exploits 0 · References 6 · Affected Software 1

OSV
added 2019/04/08 7:29 p.m. · 4 views

CVE-2019-11005

In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value...

9.8 CVSS · 9.9 AI score
Exploits 0 · References 6

Positive Technologies
added 2019/03/13 12:00 a.m. · 5 views

PT-2019-1854 · Ruby On Rails +3 · Action View +3

Name of the Vulnerable Software and Affected Versions: Action View versions prior to 5.2.2.1; Action View versions prior to 5.1.6.2; Action View versions prior to 5.0.7.2; Action View versions prior to 4.2.11.1; Action View version 3
Description: There is a File Content Disclosure issue in Action Vie...

9.8 CVSS · 7.2 AI score · 0.98507 EPSS
Exploits 47 · References 164

EUVD
added 2019/02/21 8:00 p.m. · 3 views

EUVD-2019-10238

A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper validation of...

7.5 CVSS · 7.5 AI score · 0.06282 EPSS
Exploits 0 · References 2

OSV
added 2019/02/19 5:29 p.m. · 7 views

CVE-2019-5770

Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

8.8 CVSS · 8.7 AI score
Exploits 0 · References 7

Vulnrichment
added 2019/01/09 4:00 p.m. · 21 views

CVE-2019-5747

An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components consumed by the DHCP client, server, and/or relay might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte...

7.1 AI score · 0.04651 EPSS
Exploits 2 · References 6

CNVD
added 2018/09/27 12:00 a.m. · 1 views

e107 Cross-Site Request Forgery Vulnerability (CNVD-2018-20077)

e107 is a free, open-source content management system (CMS) based on PHP and MySQL, developed by the e107 team. The system supports a variety of plug-ins and themes and can be used as a personal blog, discussion community, archive repository and so on. A cross-site request forgery...

4.3 CVSS · 5 AI score · 0.00585 EPSS
Exploits 1 · References 1

Check Point Advisories
added 2018/07/01 12:00 a.m. · 0 views

Simple Object Access Protocol Command Injection

Remote command injection vulnerabilities exist in multiple SOAP requests. A remote attacker can exploit these weaknesses to execute arbitrary commands in the affected devices via a crafted request...

5.8 AI score
Exploits 0

CNVD
added 2018/06/21 12:00 a.m. · 2 views

Multiple Cisco Products NX-OS Software SNMP Denial of Service Vulnerabilities

Cisco Nexus 2000 Series Switches are products of Cisco Corporation. Cisco Nexus 2000 Series Switches are switch devices. Fabric Modules are switch matrix modules. NX-OS Software is a set of data center-grade operating system software for the switches. Simple Network Management Protocol (SNMP) input...

6.8 CVSS · 6.5 AI score · 0.02048 EPSS
Exploits 0 · References 1