2956 matches found
CVE-2020-29539
A Cross-Site Scripting XSS issue in WebUI Translation in Systran Pure Neural Server before 9.7.0 allows a threat actor to have a remote authenticated user run JavaScript from a malicious site...
Cross site scripting
A Cross-Site Scripting XSS issue in WebUI Translation in Systran Pure Neural Server before 9.7.0 allows a threat actor to have a remote authenticated user run JavaScript from a malicious site...
CVE-2020-29539
The CVE-2020-29539 entry concerns a Cross-Site Scripting (XSS) vulnerability in the WebUI Translation component of Systran Pure Neural Server prior to version 9.7.0. The issue allows a remote, authenticated attacker to cause a victim user to execute JavaScript from a malicious site via the affect...
CVE-2020-29539
A Cross-Site Scripting XSS issue in WebUI Translation in Systran Pure Neural Server before 9.7.0 allows a threat actor to have a remote authenticated user run JavaScript from a malicious site...
Systran Pure Neural Server Cross-Site Scripting Vulnerability
Systran Pure Neural Server is a Web platform product for document translation from Systran, Germany. A cross-site scripting vulnerability previously existed in Systran Pure Neural Server 9.7.0, which stemmed from a cross-site scripting XSS issue in WebUI Translation that allowed a threat actor to...
Clickjacking
WebUI is vulnerable to clickjacking. The vulnerability existed when the X-Frame-Options header is not set...
Cross-Site Scripting (XSS)
qbittorrent is vulnerable to cross-site scripting XSS. The WebUI does not escape data values before rendering on a user's browser, allowing an attacker to inject and execute arbitrary Javascript...
The vulnerability of the Google Chrome browser’s WebUI user interface allows a hacker to execute arbitrary code.
The vulnerability of the WebUI user interface of Google Chrome is related to the overflow of buffers in the dynamic memory during the processing of HTML content. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...
idm:DL1 and idm:client security, bug fix, and enhancement update
bind-dyndb-ldap 11.3-1 - New upstream release - Resolves: rhbz1845211 ipa 4.8.7-12.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.8.7-12 - Require selinux sub package in the proper version Related: RHBZ1868432 - SELinux: do not double-define nodet and pkitomcatcertt...
Security update for chromium, gn (important)
openSUSE Security Update: Security update for chromium, gn Announcement ID: openSUSE-SU-2020:1829-1 Rating: important References: 1177408 1177936 1178375 Cross-References: CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974...
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
UBUNTU-CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2020-15983
CVE-2020-15983 affects the Chromium browser’s webUI component and is tied to insufficient data validation before version 86.0.4240.75 (ChromeOS) that could allow a local attacker to bypass content security policy with a crafted HTML page. Public advisories and vendor notes show fixes in the 86.0....
chromium-browser: Insufficient data validation in webUI
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2019-5321
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...
Design/Logic Flaw
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...
CVE-2019-5321
CVE-2019-5321 affects Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware versions: 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, and 16.10.* before 16.10.0003. The issue is a vulnerability in the Web Management Interface that allows Remote ...