233 matches found
USN-4310-1: WebKitGTK+ vulnerability
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
CVE-2020-8127
Insufficient validation in cross-origin communication postMessage in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks...
MGASA-2019-0246 Updated monit packages fix security vulnerabilities
Updated monit package fixes security vulnerabilities: Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks CVE-2019-11454. Zack Flack discovered a buffer overread when Monit decoded certain...
Mozilla Firefox ESR Security Advisories - 1 - (MFSA2019-25, MFSA2019-27) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Microsoft SharePoint Enterprise Server 2016 Multiple Vulnerabilities (KB4475520)
This host is missing an important security update according to Microsoft KB4475520 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Bypass Policy
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Ubuntu 18.04 LTS : WebKitGTK+ vulnerabilities (USN-3889-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3889-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...
CVE-2018-15614 IP Office one-X Portal XSS
A vulnerability in the one-x Portal component of IP Office could allow an authenticated user to perform stored cross site scripting attacks via fields in the Conference Scheduler Service that could affect other application users. Affected versions of IP Office include 10.0 through 10.1 SP3 and 11...
Ubuntu 18.04 LTS : WebKitGTK+ vulnerabilities (USN-3854-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3854-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote...
CVE-2018-18807
The web application of the TIBCO Statistica component of TIBCO Software Inc.'s TIBCO Statistica Server contains vulnerabilities which may allow an authenticated user to perform cross-site scripting XSS attacks. Affected releases are TIBCO Software Inc.'s TIBCO Statistica Server versions up to and...
Debian: Security Advisory (DSA-4259-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM TRIRIGA Application Platform Cross Site Request Forgery Vulnerability (CVE-2016-0348)
Summary Unauthenticated requests can be made to a vulnerable web application, which then performs unauthorized action on behalf of the attacker. Vulnerability Details CVEID: CVE-2016-0348 DESCRIPTION: IBM Tririga is vulnerable to cross-site request forgery, caused by improper validation of...
RSA Authentication Agent (IIS) < 8.0.2 Multiple Vulnerabilities
RSA Authentication Agent for IIS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3481-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3481-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3460-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3460-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3376-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3376-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...
Cross-site Scripting (XSS)
github.com/revel/revel is vulnerable to cross-site scripting XSS attacks. It does not perform HTML escaping of string arguments...
Stored Cross-Site Scripting Vulnerability at Custom Inputs in Thinksaas System
ThinkSAAS is a lightweight open source community system is a community system that can be used to build discussion groups, bbs and circles. A stored cross-site scripting vulnerability exists in Thinksaas version 2.5 at the system's custom input. The system uses a blacklisting mechanism to filter...
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3257-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3257-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...
Ubuntu: Security Advisory (USN-3257-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...