GHSA-RCC6-6Q2F-M2CW Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

EUVD-2023-46797

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

Alkacon OpenCms allows remote unauthenticated attackers to obtain sensitive information

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

CVE-2023-42344

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

Alkacon OpenCMS 代码问题漏洞

Alkacon OpenCMS is a content management system developed by Alkacon Corporation. Versions of Alkacon OpenCMS prior to 10.5.1 had code vulnerabilities. These vulnerabilities stemmed from the XXE attack on the Chemistry servlet via cmis-online/query, which could allow unauthorized remote attackers ...

CVE-2023-42344

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

CVE-2023-42344

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

CVE-2023-42344

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

EUVD-2014-6812

Malware in sbrugna...

CVE-2025-9758

A vulnerability was identified in deepakmisal24 Chemical Inventory Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /inventoryform.php. Such manipulation of the argument chemname leads to sql injection. The attack may be performed from remote. Th...

Friday Squid Blogging: A New Explanation of Squid Camouflage

New research: An associate professor of chemistry and chemical biology at Northeastern University, Deravi’s recently published paper in the Journal of Materials Chemistry C sheds new light on how squid use organs that essentially function as organic solar cells to help power their camouflage...

[SECURITY] Fedora 40 Update: jni-inchi-0.8-11.fc40

JNI-InChI enables Java software to generate IUPAC's International Chemical Identifiers InChIs by making Java Native Interface JNI calls to the InChI C library developed by IUPAC. All of the features from the InChI library are supported: - Standard and Non-Standard InChI generation from structures...

Out-of-bounds write vulnerabilities in popular chemistry software; Foxit PDF Reader issues could lead to remote code execution

Cisco Talos recently worked with two vendors to patch multiple vulnerabilities in a favored software library used in chemistry laboratories and the Foxit PDF Reader, one of the most popular PDF reader alternatives to Adobe Acrobat. Attackers could exploit these vulnerabilities to carry out a...

collegechemistrycanada.ca Cross Site Scripting vulnerability OBB-3553181

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Friday Squid Blogging: Squid-Inspired Hydrogel

Scientists have created a hydrogel "using squid mantle and creative chemistry." As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...

chem.uni-potsdam.de Cross Site Scripting vulnerability OBB-1220979

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2018-20859

edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem...

chemistry-reference.com XSS vulnerability

Open Bug Bounty ID: OBB-698711 Description| Value ---|--- Affected Website:| chemistry-reference.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON...

chem.uni-potsdam.de XSS vulnerability

Open Bug Bounty ID: OBB-551217 Description| Value ---|--- Affected Website:| chem.uni-potsdam.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...