8219 matches found
Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
An update for microcodectl is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
An update for microcodectl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
hw: Vector Register Leakage-Active
A flaw was found in the Intel Advanced Vector Extensions AVX implementation, where a local authenticated attacker with the ability to execute AVX instructions can gather the AVX register state from previous AVX executions. This vulnerability allows information disclosure of the AVX register state...
Fedora: Security Advisory for xen (FEDORA-2020-6dd36a716c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Wonder CMS 3.1.3 Cross Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Stored Cross-site scriptingXSS: Stored XSS, also known as persistent XS...
CentOS: Security Advisory for microcode_ctl (CESA-2020:5083)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29233 Stored Cross-site scriptingXSS: Stored XSS, also...
microcode_ctl security update
CentOS Errata and Security Advisory CESA-2020:5083 An update for microcodectl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
SuiteCRM Open Redirect Vulnerability
SuiteCRM is a free open source customer relationship management application. An open redirection vulnerability exists in the Documents module in SuiteCRM 7.11.13 and earlier versions. An attacker can exploit this vulnerability to redirect users to arbitrary URLs via specially crafted SVG document...
Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2020-65141)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. FireFox suffers from a cross-site scripting vulnerability that stems from a mismatch between parsing and event loading in SVG code that could result in a load event being triggered, even after being...
Mozilla Firefox 跨站脚本漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. FireFox suffers from a cross-site scripting vulnerability that stems from a mismatch between parsing and event loading in SVG code that could result in a load event being triggered, even after being...
Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting
Exploit Title: Froxlor Froxlor Server Management Panel 0.10.16 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-12 Vendor Homepage: https://froxlor.org/ Software Link: https://froxlor.org/download/ Version: 0.10.16 Document Title: =============== Froxlor v0.10.16 ...
UBUNTU-CVE-2020-26951
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...
SugarCRM 6.5.18 - Persistent Cross-Site Scripting
Exploit Title: SugarCRM 6.5.18 - Persistent Cross-Site Scripting Exploit Author: Vulnerability-Lab Date: 2020-11-16 Vendor Homepage: https://www.sugarcrm.com Version: 6.5.18 Document Title: =============== SugarCRM v6.5.18 - Contacts Persistent Cross Site Web Vulnerability References Source:...