1835 matches found

Prion
added 2019/04/09 9:29 p.m. | 14 views

Cross site scripting

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the backurl parameter in the file scan component...

4.3 CVSS | 6.4 AI score | 0.00923 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2019/04/09 8:55 p.m. | 17 views

CVE-2018-1356

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the backurl parameter in the file scan component...

6.3 AI score | 0.00923 EPSS
Exploits 0 | References 2

Vulnrichment
added 2019/04/09 8:55 p.m. | 8 views

CVE-2018-1356

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the backurl parameter in the file scan component...

6.7 AI score | 0.00923 EPSS
Exploits 0 | References 2

Fortinet
added 2019/04/03 12:0 a.m. | 30 views

FortiSandbox reflected XSS in the file scan component

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox may allow an attacker to execute unauthorized code or commands via the backurl parameter in the file scan component...

4.3 CVSS | 4 AI score | 0.00923 EPSS
Exploits 0 | Affected Software 1

Zero Day Initiative
added 2019/04/02 12:0 a.m. | 29 views

Advantech WebAccess Node BwFreRPT Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwFreRPT.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

9.8 CVSS | 3.3 AI score | 0.06092 EPSS
Exploits 0 | References 1

UbuntuCve
added 2019/04/01 2:29 p.m. | 38 views

CVE-2019-1002101

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could r...

6.4 CVSS | 6.8 AI score | 0.13164 EPSS
Exploits 2 | References 2

Prion
added 2019/03/25 10:29 p.m. | 23 views

Design/Logic Flaw

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via a hidden Close button...

7.5 CVSS | 9.5 AI score | 0.01249 EPSS
Exploits 0 | References 1 | Affected Software 1

NVD
added 2019/03/25 10:29 p.m. | 13 views

CVE-2017-7342

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via a hidden Close button...

9.8 CVSS | 9.6 AI score | 0.01249 EPSS
Exploits 0 | References 1

OSV
added 2019/03/25 9:29 p.m. | 2 views

CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

6.1 CVSS | 5.9 AI score | 0.00672 EPSS
Exploits 0 | References 1

NVD
added 2019/03/25 9:29 p.m. | 16 views

CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

6.1 CVSS | 6.2 AI score | 0.00672 EPSS
Exploits 0 | References 1

Prion
added 2019/03/25 9:29 p.m. | 17 views

Cross site scripting

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

4.3 CVSS | 6.2 AI score | 0.00672 EPSS
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2019/03/25 9:5 p.m. | 7 views

CVE-2017-7342

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via a hidden Close button...

7.8 AI score | 0.01249 EPSS
Exploits 0 | References 1

CVE
added 2019/03/25 9:5 p.m. | 55 views

CVE-2017-7342

CVE-2017-7342 relates to Fortinet FortiPortal. Affected product: FortiPortal versions 4.0.0 and earlier. Root cause: a weak password recovery process that can allow an attacker to execute unauthorized code or commands via a hidden Close button. Impact: as per NVD, high/severe potential with remot...

9.8 CVSS | 9.5 AI score | 0.01249 EPSS
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2019/03/25 8:55 p.m. | 16 views

CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

6.3 AI score | 0.00672 EPSS
Exploits 0 | References 1

Vulnrichment
added 2019/03/25 8:55 p.m. | 12 views

CVE-2017-7340

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the applicationSearch parameter in the FortiView functionality...

6.8 AI score | 0.00672 EPSS
Exploits 0 | References 1

CVE
added 2019/03/25 8:55 p.m. | 46 views

CVE-2017-7340

CVE-2017-7340 affects Fortinet FortiPortal 4.0.0 and earlier. A Cross-Site Scripting flaw allows an attacker to execute unauthorized code/commands via the FortiView applicationSearch parameter. The vulnerability is tied to FortiPortal’s FortiView functionality; no exploitation details or patch/ve...

6.1 CVSS | 6.7 AI score | 0.00672 EPSS
Exploits 0 | References 1 | Affected Software 1

Hewlett-Packard
added 2019/03/21 12:0 a.m. | 24 views

HPSBHF03611 rev. 2 - NVIDIA GPU Display Driver Vulnerabilities

Potential Security Impact Denial of service, Escalation of privilege, Unauthorized code execution, or Information disclosure Source: HP, HP Product Security Response Team PSRT Reported By: NVIDIA VULNERABILITY SUMMARY HP has been notified of potential security vulnerabilities with the GPU Display...

8.8 CVSS | 3 AI score | 0.00555 EPSS
Exploits 0

Cvelist
added 2019/03/14 8:0 p.m. | 25 views

CVE-2018-12191

Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrar...

7.6 AI score | 0.00482 EPSS
Exploits 0 | References 3

ICS
added 2019/03/14 12:0 a.m. | 82 views

Gemalto Sentinel UltraPro

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Gemalto Equipment: Sentinel UltraPro Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow execution of unauthorized code or commands. 3...

7.8 CVSS | 8 AI score | 0.01532 EPSS
Exploits 0 | References 5

Prion
added 2019/02/08 6:29 p.m. | 15 views

Format string

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable...

7.5 CVSS | 9.5 AI score | 0.01191 EPSS
Exploits 0 | References 1 | Affected Software 1