CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...

EUVD-2021-17679

Malware in sbrugna...

EUVD-2018-12734

Malware in sbrugna...

EUVD-2011-2810

Malware in sbrugna...

WordPress Halpes Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress Halpes, which stems from improper input neutralization and can be exploited by an attacker to tamper with web conte...

CVE-2025-41404

Direct request 'Forced Browsing' issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product...

CVE-2021-33696

SAP BusinessObjects Business Intelligence Platform Crystal Report, versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a Web site...

CVE-2024-54502

The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash...

PT-2024-5706 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in data type mixing, which can allow an attacker to execute arbitrary code. This is a memory corruption vulnerability in Microsoft Edge based on HTML...

SUSE CVE-2023-37450

The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited...

CVE-2022-26700

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution...

CVE-2021-30762

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited...

ROS-2-1935

2.1935 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

ROS-2-2094

2.2094 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

Multiple Adobe Product Security Feature Bypass Vulnerabilities (CNVD-2021-30423)

Adobe Acrobat and Reader are the United States Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Reader is a set of PDF document reading software. A number of Adobe products have security vulnerabilities. Unauthenticated attackers can take advanta...

DEBIAN-CVE-2019-8820

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead...

Hacking the Echo echo echo

Smart home assistant. Not-so-smart TV Amazon Echo is considered pretty secure in the security community. Remote exploitation is a pipe dream, requiring months of research to stand any chance. But what about using other devices in the home to exploit it instead? Working on a smart Samsung TV and a...

Cross site scripting

FatFreeCRM version =0.15.0 =0.16.0 =0.17.0 =0.17.2, ==0.18.0 contains a Cross Site Scripting XSS vulnerability in commit 6d60bc8ed010c4eda05d6645c64849f415f68d65 that can result in Javascript execution. This attack appear to be exploitable via Content with Javascript payload will be executed on e...

CVE-2018-5159

An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird 52.8,...

PT-2011-1246 · Adobe +2 · Reader +5

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 10.2.154.13 and earlier Adobe Flash Player versions 10.1.106.16 and earlier on Android Adobe AIR version 2.5.1 and earlier Adobe Reader and Acrobat versions 9.x through 9.4.2 Adobe Reader and Acrobat versions 10.x...