USN-4589-1: containerd vulnerability

It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials...

PowerShellGet Module WDAC Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC Windows Defender Application Control policy and execute arbitrary code on a policy locked-down machine. An attacker must have administrator...

webkitgtk: Incorrect processing of file URLs

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed...

About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

CVE-2020-3885

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed...

DEBIAN-CVE-2020-3885

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed...

UBUNTU-CVE-2020-3885

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed...

Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal

Exploit Title: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Date: 2020-03-26 Exploit Author: hongphukt Vendor Homepage: https://www.jinfonet.com/ Software Link: https://www.jinfonet.com/product/download-jreport/ Version: JReport 15.6 Tested on: Linux, Windows Jreport Help function...

About the security content of iTunes 12.10.5 for Windows

About the security content of iTunes 12.10.5 for Windows This document describes the security content of iTunes 12.10.5 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

CVE-2019-8792

An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution...

CVE-2013-4411

Review Board: URL processing gives unauthorized users access to review lists...

Design/Logic Flaw

Review Board: URL processing gives unauthorized users access to review lists...

CVE-2013-4411

CVE-2013-4411 affects Review Board. The provided documents state that URL processing in Review Board allows unauthorized users to access review lists. Concrete detail: affected software is Review Board; issue arises from URL handling (URL processing). Reported impact is that unauthorized access t...

CVE-2013-4411

Review Board: URL processing gives unauthorized users access to review lists...

About the security content of Shazam Android App Version 9.25.0 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006

About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006 This document describes the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. About Apple security updates For our customers' protection,...

The vulnerability of the Internet Explorer browser, related to errors in URL processing, allows attackers to redirect users to malicious websites.

The vulnerability of the Internet Explorer browser is related to errors in processing URL addresses. Exploiting this vulnerability can allow a malicious actor to redirect users to a malicious website using a specially crafted web page...

Security Bulletin: Vulnerability in the libcURL component of Tivoli Netcool/OMNIbus (CVE-2017-1000100)

Summary Vulnerability has been addressed in the libcURL component of Tivoli Netcool/OMNIbus. Vulnerability Details CVEID: CVE-2017-1000100 DESCRIPTION: cURL could allow a remote attacker to obtain sensitive information, caused by a TFTP URL Processing flaw. By sending a specially-crafted request,...

Moxa SoftCMS AspWebServer URL Processing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of requests to the web server. A crafted URL can cause a pointer to be reused...

openSUSE: Security Advisory for ffmpeg (openSUSE-SU-2016:0243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...