4 matches found
CVE-2024-24780
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...
Microchip TimeProvider 4100 安全漏洞
Microchip TimeProvider 4100 is a gateway clock from Microchip, Inc. A security vulnerability exists in Microchip TimeProvider 4100 that originates from a URL redirection to an untrusted site, resulting in a cross-site scripting attack...
Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...
Cross-Site Scripting via JSONP
JSONP allows untrusted resource URLs, which provides a vector for attack by malicious actors...