EUVD-2022-33607

Malicious code in bioql PyPI...

The vulnerability of the Google ChromeOS operating system’s component installation mechanisms allows attackers to circumvent security restrictions and enhance their privileges.

The vulnerability of the Google ChromeOS operating system’s component installation mechanisms components/componentupdater/componentinstaller.cc is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to bypass security restrictions and gain...

F5 BIG-IP Edge Client Windows Component Installer < 7.2.4.1 MITM (K000132522)

The version of the Big-IP Edge Client Windows Component Installer installed on the remote Windows host is before 7.2.4.1. In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows. An unauthenticated attacker with a...

CVE-2021-4303

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in shannah Xataface up to 2.x. Affected by this issue is the function testftp of the file install/installform.js.php of the component Installer. The manipulation leads to cross site scripting. The attack may be launched remotely...

XAMPP 代码问题漏洞

XAMPP is an integrated installation package for apache, PHP, Perl and MySQL from the US-based Apache Friends team. The product is primarily used for building web servers. A security vulnerability exists in XAMPP 7.1.1-0-VC14, which stems from an unknown feature of the component installer. An...