5749 matches found
KLA61976 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 on-premises can be exploited remotely to spoof user...
Debian dla-3652 : ruby-sanitize - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3652 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3652-1 [email protected] https://www.debian.org/lts/security/...
The vulnerability in the cr_tknzr_parse_comment function of the cr-tknzr.c component, a library for working with cascading tables in CSS2 Libcroco, allows a hacker to cause a service failure.
The vulnerability of the crtknzrparsecomment function in the cr-tknzr.c component of the Libcroco library for working with cascading tables in css2 is related to the execution of an operation outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause servic...
CVE-2023-31077
Cross-Site Request Forgery CSRF vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin = 2.1.9 versions...
CVE-2023-31077
Cross-Site Request Forgery CSRF vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin = 2.1.9 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin = 2.1.9 versions...
CVE-2023-31077 WordPress Export WP Page to Static HTML/CSS Plugin <= 2.1.9 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin = 2.1.9 versions...
CVE-2023-31077
CVE-2023-31077 is a CSRF vulnerability in the ReCorp Export WP Page to Static HTML/CSS plugin, affecting versions 2.1.9 (specifically 2.2.0 or newer) and considering CSRF protections as a workaround until patched. If exploits are observed in the wild, they are not detailed in the provided materi...
PT-2023-23139 · WordPress · Recorp Export Wp Page To Static Html/Css
Name of the Vulnerable Software and Affected Versions: ReCorp Export WP Page to Static HTML/CSS plugin versions = 2.1.9 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that t...
golang: html/template: improper sanitization of CSS values
A flaw was found in golang where angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if...
golang: html/template: improper sanitization of CSS values
A flaw was found in golang where angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if...
golang: html/template: improper sanitization of CSS values
A flaw was found in golang where angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if...
golang: html/template: improper sanitization of CSS values
A flaw was found in golang where angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if...
golang: html/template: improper sanitization of CSS values
A flaw was found in golang where angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if...
Rocky Linux 8 : thunderbird (RLSA-2022:5774)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5774 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory...
ALSA-2023:6474 Moderate: podman security, bug fix, and enhancement update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http...
ALSA-2023:6402 Moderate: containernetworking-plugins security and bug fix update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
Fedora: Security Advisory (FEDORA-2023-735ee6d4e1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
css.viber.com Open Redirect vulnerability OBB-3765633
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
[SECURITY] Fedora 38 Update: roundcubemail-1.6.4-1.fc38
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...