Lucene search
K

209 matches found

Prion
Prion
added 2020/07/21 2:15 p.m.16 views

Improper access control

The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not properly restrict delivery of JavaScript to a victim's browser, and lacks proper MIME type access control, which could lead to XSS that steals account credentials via cookies or local storage. The attacker must first obtai...

4.3CVSS6AI score0.00866EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/07/21 1:39 p.m.26 views

CVE-2020-12432

The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not properly restrict delivery of JavaScript to a victim's browser, and lacks proper MIME type access control, which could lead to XSS that steals account credentials via cookies or local storage. The attacker must first obtai...

6AI score0.00866EPSS
Exploits1References2
CVE
CVE
added 2020/07/21 1:39 p.m.56 views

CVE-2020-12432

Summary: CVE-2020-12432 affects Collabora CODE/WOPI integration used by Vereign Collabora CODE up to version 4.2.2. The vulnerability arises from improper restriction of JavaScript delivery to a user’s browser and weak MIME-type access control, enabling cross-site scripting that can steal credent...

6.1CVSS6AI score0.00866EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2016/09/15 12:0 a.m.23 views

Collabora CODE / Collabora Online / LibreOffice Online / OxOffice Online / Claro drive Detection (HTTP)

HTTP based detection of Collabora CODE Collabora Online Development Edition, Collabora Online, LibreOffice Online, OxOffice Online, Claro drive and similar other LibreOffice Online based products. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a reference...

5.8AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2014/07/03 12:0 a.m.37 views

Debian DSA-2971-1 : dbus - security update

Several vulnerabilities have been discovered in dbus, an asynchronous inter-process communication system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-3477 Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an AccessDenied error to...

4CVSS5.4AI score0.00446EPSS
Exploits0References8
Debian
Debian
added 2014/07/02 6:40 p.m.80 views

[SECURITY] [DSA 2971-1] dbus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2971-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 02, 2014 http://www.debian.org/security/faq -...

4CVSS6.5AI score0.00446EPSS
Exploits0
Debian
Debian
added 2014/07/02 6:40 p.m.66 views

[SECURITY] [DSA 2971-1] dbus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2971-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 02, 2014 http://www.debian.org/security/faq -...

2.1CVSS0.7AI score0.00446EPSS
Exploits0
OSV
OSV
added 2014/07/02 12:0 a.m.26 views

DSA-2971-1 dbus - security update

Bulletin has no description...

4CVSS4.2AI score0.00446EPSS
Exploits0
FreeBSD
FreeBSD
added 2014/06/10 12:0 a.m.25 views

dbus -- local DoS

Simon MvVittie reports: Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service flaw in dbus-daemon, part of the reference implementation of D-Bus. Additionally, in highly unusual environments the same flaw could lead to a side channel between processes that should not be able to...

4CVSS5.6AI score0.00444EPSS
Exploits0References1
Rows per page
Query Builder