EUVD-2026-19450

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains remote code execution vulnerability in the timezone conversion flow, which processes attacker-controlled cookie values in an...

PT-2026-30669

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input...

AB Document Reader: PDF, DOC, PPT 安全漏洞

AB Document Reader: PDF, DOC, PPT is a document reader from AB. A security vulnerability exists in AB Document Reader: PDF, DOC, PPT version 65.0, which stems from a lack of security checks during the file import process and can lead to directory traversal...

WordPress plugin WPGYM SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

CVE-2022-40265

Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker...

NETSAS Enigma NMS Cross-Site Scripting Vulnerability

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

Unspecified Vulnerability in NETSAS Enigma NMS

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A security vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier, which stems from the program's use of a weak authentication mechanism over the HTTP protocol. The vulnerability can be...

CVE-2019-16068

A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and prior that could allow an attacker to be able to trick a victim into submitting a malicious managefiles.cgi request. This can be triggered via XSS or an IFRAME tag included within the site...

Mozilla Thunderbird S/MIME Signature Spoofing Vulnerability

Mozilla Thunderbird is the United States Mozilla Foundation of a set of independent from MozillaApplicationSuite e-mail client software. The software supports IMAP and POP mail protocols as well as HTML mail format. A security vulnerability exists in versions of Mozilla Thunderbird prior to 60.5....

Mozilla Firefox Memory Corruption Vulnerability (CNVD-2019-08522)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 65. An attacker can exploit the vulnerability to cause memory corruption or possibly execute arbitrary code...

Mozilla Firefox and Firefox ESR Memory Corruption Vulnerability (CNVD-2019-08523)

Mozilla Firefox and Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox version 65 and Firefox ESR version 60.5. A...

Google Chrome Security Vulnerability (CNVD-2018-09127)

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in versions prior to Google Chrome 65.0.3325.146. There is no detailed description of the vulnerability at this time...

Google Chrome Security Bypass Vulnerability (CNVD-2018-08953)

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in versions prior to Google Chrome 65.0.3325.146. A remote attacker can exploit this vulnerability to bypass Mark-of-the-Web by tricking users into visiting a specially crafted website...

chromium-browser: csp bypass through extensions

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...