898 matches found
Unspecified Vulnerability in Mozilla Firefox (CNVD-2021-14410)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox versions prior to 85. An attacker could exploit the vulnerability iframe sandboxing...
Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites
A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug CVE-2021–1801...
openSUSE Security Update : firejail (openSUSE-2021-271)
This update for firejail fixes the following issues : firejail 0.9.64.4 is shipped to openSUSE Leap 15.2 - CVE-2021-26910: Fixed root privilege escalation due to race condition boo1181990 Update to 0.9.64.4 : - disabled overlayfs, pending multiple fixes - fixed launch firefox for open url in...
Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System
In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. First detailed in an analysis this week by Google Project Zero’s Samuel Groß, BlastDoor acts as a “tightly...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox versions prior to 85. An attacker could exploit the vulnerability iframe sandboxing...
Flatpak: Sandbox escape
Background Flatpak is a Linux application sandboxing and distribution framework. Description A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. Impact A remote attacker could entice a user to open...
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0 when running with Python 3.6 or later allows remote authenticated users to execute arbitrary code leading to privilege escalation.
...
Odoo Arbitrary Code Execution Vulnerability
Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . An arbitrary code...
CVE-2020-29396
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...
Privilege escalation
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...
CVE-2020-29396
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...
UBUNTU-CVE-2020-29396
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...
CVE-2020-29396
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...
CVE-2020-29396
CVE-2020-29396 affects Odoo Community 11.0–13.0 and Odoo Enterprise 11.0–13.0 when run with Python 3.6+. A sandboxing issue means that remote authenticated users can execute arbitrary code, enabling privilege escalation. The vulnerability’s impact is described as critical (CVSS3 up to 9.9; networ...
Odoo 安全漏洞
Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . An arbitrary code...
PT-2020-17159
Name of the Vulnerable Software and Affected Versions Odoo Community versions 11.0 through 13.0 Odoo Enterprise versions 11.0 through 13.0 Description A sandboxing issue, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege...
Code injection
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions...
HashiCorp Nomad and Nomad Enterprise Path Traversal Vulnerability
Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler from Hashicorp, USA. The program supports the deployment of microservices, batch, containerized and non-containerized applications. A security vulnerability exists in HashiCorp Nomad and Nomad Enterprise version...
Apple macOS Mojave input validation error vulnerability (CNVD-2020-65930)
Apple macOS Mojave is a specialized operating system developed by Apple for Mac computers. Apple macOS Mojave has a security vulnerability that can be exploited by attackers to bypass sandboxing restrictions...
webkitgtk: Violation of iframe sandboxing policy
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy...