Mozilla: Use-after-free in text reflows

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have caused a use-after-free issue by forcing a text reflow in an SVG object, leading to a potentially exploitable crash...

Privilege Escalation

chromium is vulnerable to privilege escalation. Inappropriate implementation in Network allows an attacker to perform an action which is otherwise not permitted...

PT-2020-3723 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue exists due to the Windows kernel's failure to properly handle objects in memory. This could allow an attacker to run arbitrary code in kernel mode, enabling them to install...

Engel & Völkers Technology GmbH: [go3-intern.engelvoelkers.com] - Reflected XSS in /dGPS3/default.jsp

Summary: The application fails to sanitize user input in https://go3-intern.engelvoelkers.com/dGPS3/default.jsp and reflect the input directly in the HTTP response, allowing the hacker to exploit the vulnerable parameter and have malicious content executed in the victim's browser. Description: A...

Memory corruption vulnerability in the processing of sh*** files by Hollis HT8000 (CNVD-2019-15924)

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. Memory corruption vulnerability exists in the handling of sh files by HELISE HT8000. An attacker can trick a user who has installed HT8000 to open a malicious sh file, which in turn trigger...