2404 matches found
Apache OpenOffice 安全漏洞
Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. A security bypass vulnerability exists in Apache OpenOffice, which can be exploited by an attacker t...
[SECURITY] Fedora 41 Update: python-starlette-0.42.0-3.fc41
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =E2=80=A2 A lightweight, low-complexity HTTP web framework. =E2=80=A2 WebSocket support. =E2=80=A2 In-process background tasks. =E2=80=...
[SECURITY] Fedora 42 Update: python-starlette-0.47.3-2.fc42
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =E2=80=A2 A lightweight, low-complexity HTTP web framework. =E2=80=A2 WebSocket support. =E2=80=A2 In-process background tasks. =E2=80=...
[SECURITY] Fedora 43 Update: python-starlette-0.49.1-1.fc43
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =E2=80=A2 A lightweight, low-complexity HTTP web framework. =E2=80=A2 WebSocket support. =E2=80=A2 In-process background tasks. =E2=80=...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988802)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988802 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4mbmarkbb with flexbg with fastcommit In case of flexbg feature which is by default...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989595 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix ext4mbmarkbb with flexbg with fastcommit In case of flexbg feature which is by default...
CVE-2020-36864
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864 Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864
CVE-2020-36864 affects Nagios XI versions prior to 5.7.2. The vulnerability is a cross-site scripting (XSS) flaw in the Dashboard background color setting caused by insufficient validation/escaping of user input, allowing an attacker to inject and execute arbitrary script in a victim’s browser. A...
CVE-2020-36864 Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.7.2, which stems from insufficient...
PT-2025-44547
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.7.2 Description Nagios XI versions prior to 5.7.2 are susceptible to cross-site scripting XSS through the background color settings within Dashboards. This is due to inadequate validation or escaping of...
PT-2025-43453
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of service data. Exploitation may allow a remote attacker to elevate privileges...
PT-2025-43463
Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the Framework component of Android operating systems related to insufficient protection of service data. This issue may allow a remote attacker to elevate privileges. The iss...
PT-2025-43500
In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
WordPress AP Background plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress AP Background plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of advparallaxback,...
WordPress AP Background plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress AP Background plugin that stems from missing or incorrect random number validation in the...
EUVD-2020-26579
Malware in sbrugna...