1225 matches found
CVE-2024-8033
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 38 security fixes: 358296941 High CVE-2024-7964: Use after free in Passwords. Reported by Anonymous on 2024-08-08 356196918 High CVE-2024-7965: Inappropriate implementation in V8. Reported by TheDog on 2024-07-30 355465305 High CVE-2024-7966: Out of...
Google Chrome < 128.0.6613.84 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 128.0.6613.84. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop21 advisory. - Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remot...
Google Chrome < 128.0.6613.84 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 128.0.6613.84. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop21 advisory. - Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a...
Cross-site Scripting (XSS)
org.dspace:dspace-server-webapp is vulnerable to Cross-site Scripting XSS. The vulnerability is caused by improper validation of download behavior for HTML, XML, or JavaScript Bitstreams, allowing embedded JavaScript to execute in the user's browser, which could potentially lead to XSS attacks...
Malicious code in console-webapp (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2019 Malicious code in console-webapp (npm)
--- -= Per source details. Do not edit below this line.=-...
Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload
Exploit Title: Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload Date: 2024-04-01 Author: Milad Karimi Ex3ptionaL Category : webapps Tested on: windows 10 , firefox import sys import os.path import requests import re import urllib3 from requests.exceptions import SSLError from...
CVE-2024-0081
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asrwebapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service...
PYSEC-2024-289
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asrwebapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service...
PYSEC-2024-289
NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asrwebapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service...
PT-2024-15336 · Nvidia · Nvidia Nemo
Name of the Vulnerable Software and Affected Versions: NVIDIA NeMo framework for Ubuntu affected versions not specified Description: The NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr webapp where an attacker may cause an allocation of resources without limits or throttlin...
Malicious code in u-workflow.module.common.webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 676ec2bf7328ac16d28e24c3bb40fca880b4161a25988951f815eb86c0598b95 The OpenSSF Package Analysis project identified 'u-workflow.module.common.webapp' @ 1.0.0 npm as malicious. It is considered malicious because: ...
BIT-MATTERMOST-2023-6458
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...
Pexip Infinity Security Vulnerability
Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity prior to version 32, which stems from a cross-site scripting XSS vulnerability...
GHSA-7664-HCP7-F497 Mattermost Injection vulnerability
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...
Mattermost Injection vulnerability
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...
CVE-2023-6458
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...
CVE-2023-6458
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...
Path traversal
Mattermost webapp fails to validate route parameters in//channels/ allowing an attacker to perform a client-side path traversal...