CVE-2023-40123

In updateActionViews of PipMenuView.java, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2020-1841

Malware in sbrugna...

Adobe Commerce 安全漏洞

Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe USA. A security vulnerability exists in Adobe Commerce that stems from improper authorization. An attacker could exploit the vulnerability to bypass security measures and modify secondary information...

Debian: Security Advisory (DSA-5478-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB5018427)

This host is missing an important security update according to Microsoft KB5018427 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

JVN#14077132: Multiple vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-2909 Operation restriction bypass in multiple applications CWE-285 - CVE-2022-30602 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L| Base Score: 5.4 CVSS v2|...

CVE-2021-23335

All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure...

CVE-2018-20023

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memor...

openSUSE Security Update : flash-player (openSUSE-2016-1083)

This update for flash-player fixes the following security issues APSB16-29, boo998589 : - integer overflow vulnerability that could lead to code execution CVE-2016-4287. - use-after-free vulnerabilities that could lead to code execution CVE-2016-4272, CVE-2016-4279, CVE-2016-6921, CVE-2016-6923,...

Stable Channel Update

The stable channel has been updated to 51.0.2704.79 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library th...

The vulnerability of the Cisco Secure Access Control System allows a perpetrator to bypass existing access restrictions and create a new information panel.

The vulnerability of the Solution Engine component of the Cisco Secure Access Control System relates to deficiencies in access control for certain functions. Exploiting this vulnerability could allow a malicious actor to bypass existing access restrictions and create a new information panel by...

CentOS Update for java CESA-2013:0957 centos6

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2013:0957 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

DTSA-173-1 snort - rules bypass

Bulletin has no description...

Debian DSA-1033-1 : horde3 - several vulnerabilities

Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4190 Several Cross-Site-Scripting vulnerabiliti...