Lucene search
+L

898 matches found

CNVD
CNVD
added 2021/02/22 12:0 a.m.8 views

Unspecified Vulnerability in Mozilla Firefox (CNVD-2021-14410)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox versions prior to 85. An attacker could exploit the vulnerability iframe sandboxing...

7.4CVSS6.4AI score0.00793EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2021/02/17 7:11 a.m.99 views

Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites

A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug CVE-2021–1801...

6.5CVSS0.8AI score0.01515EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.45 views

openSUSE Security Update : firejail (openSUSE-2021-271)

This update for firejail fixes the following issues : firejail 0.9.64.4 is shipped to openSUSE Leap 15.2 - CVE-2021-26910: Fixed root privilege escalation due to race condition boo1181990 Update to 0.9.64.4 : - disabled overlayfs, pending multiple fixes - fixed launch firefox for open url in...

9.8CVSS7.5AI score0.04098EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2021/01/29 4:52 p.m.162 views

Apple iOS 14 Thwarts iMessage Attacks With BlastDoor System

In an effort to prevent attacks from being launched via its iMessage feature, Apple has debuted a security service called BlastDoor in iOS 14, its current mobile operating system version. First detailed in an analysis this week by Google Project Zero’s Samuel Groß, BlastDoor acts as a “tightly...

7.2AI score
Exploits0References13
CNNVD
CNNVD
added 2021/01/26 12:0 a.m.8 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox versions prior to 85. An attacker could exploit the vulnerability iframe sandboxing...

7.4CVSS5.8AI score0.00793EPSS
Exploits0References6
Gentoo Linux
Gentoo Linux
added 2021/01/25 12:0 a.m.95 views

Flatpak: Sandbox escape

Background Flatpak is a Linux application sandboxing and distribution framework. Description A bug was discovered in the flatpak-portal service that can allow sandboxed applications to execute arbitrary code on the host system a sandbox escape. Impact A remote attacker could entice a user to open...

8.8CVSS3.9AI score0.0057EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/12/24 12:0 a.m.10 views

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0 when running with Python 3.6 or later allows remote authenticated users to execute arbitrary code leading to privilege escalation.

...

9.9CVSS7AI score0.03239EPSS
Exploits0
CNVD
CNVD
added 2020/12/23 12:0 a.m.48 views

Odoo Arbitrary Code Execution Vulnerability

Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . An arbitrary code...

9.9CVSS8.9AI score0.03239EPSS
Exploits0References1
OSV
OSV
added 2020/12/22 5:15 p.m.4 views

CVE-2020-29396

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...

8.8CVSS6AI score0.03239EPSS
Exploits0References2
Prion
Prion
added 2020/12/22 5:15 p.m.17 views

Privilege escalation

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...

6.5CVSS8.7AI score0.03239EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2020/12/22 5:15 p.m.27 views

CVE-2020-29396

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...

9.9CVSS7.4AI score0.03239EPSS
Exploits0References2
OSV
OSV
added 2020/12/22 5:15 p.m.10 views

UBUNTU-CVE-2020-29396

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...

9.9CVSS6.1AI score0.03239EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/12/22 4:25 p.m.65 views

CVE-2020-29396

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation...

9.9CVSS9.3AI score0.03239EPSS
Exploits0
CVE
CVE
added 2020/12/22 4:25 p.m.133 views

CVE-2020-29396

CVE-2020-29396 affects Odoo Community 11.0–13.0 and Odoo Enterprise 11.0–13.0 when run with Python 3.6+. A sandboxing issue means that remote authenticated users can execute arbitrary code, enabling privilege escalation. The vulnerability’s impact is described as critical (CVSS3 up to 9.9; networ...

9.9CVSS8.6AI score0.03239EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2020/12/22 12:0 a.m.6 views

Odoo 安全漏洞

Odoo is an open source enterprise management suite , its features cover CRM, sales, purchasing, inventory management , manufacturing , quality management , HR full-featured , financial management , project management , PLM and a series of perfect enterprise information needs . An arbitrary code...

9.9CVSS7.9AI score0.03239EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/12/22 12:0 a.m.3 views

PT-2020-17159

Name of the Vulnerable Software and Affected Versions Odoo Community versions 11.0 through 13.0 Odoo Enterprise versions 11.0 through 13.0 Description A sandboxing issue, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege...

9.9CVSS9.5AI score0.03239EPSS
Exploits0References10
Prion
Prion
added 2020/12/08 8:15 p.m.15 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions...

4.3CVSS5.8AI score0.01059EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2020/11/23 12:0 a.m.13 views

HashiCorp Nomad and Nomad Enterprise Path Traversal Vulnerability

Hashicorp Nomad is a distributed, data center-aware cluster and application scheduler from Hashicorp, USA. The program supports the deployment of microservices, batch, containerized and non-containerized applications. A security vulnerability exists in HashiCorp Nomad and Nomad Enterprise version...

6.5CVSS6.6AI score0.01631EPSS
Exploits0References3
CNVD
CNVD
added 2020/11/05 12:0 a.m.2 views

Apple macOS Mojave input validation error vulnerability (CNVD-2020-65930)

Apple macOS Mojave is a specialized operating system developed by Apple for Mac computers. Apple macOS Mojave has a security vulnerability that can be exploited by attackers to bypass sandboxing restrictions...

7.5CVSS6.7AI score0.00801EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/11/04 1:21 a.m.6 views

webkitgtk: Violation of iframe sandboxing policy

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy...

6.1CVSS6.7AI score0.00983EPSS
Exploits0References5
Rows per page
Query Builder