Safe Browsing now on Opera for Android
November 11th, 2022. Hi Android users! We’re happy to share that Opera for Android 72 now features Safe Browsing to keep you even safer when browsing or shopping online on your Android device. Safe Browsing protects your online experience by...
CVE-2022-37396
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution...
JetBrains Rider Security Vulnerability
JetBrains Rider is a cross-platform .NET integrated development environment (IDE) from the Czech company JetBrains. A security vulnerability exists in JetBrains Rider versions prior to 2022.2, which stems from the ability to bypass the Trust and Open Project dialog, which can lead to local code...
GHSA-JV4C-7JQQ-M34X CKEditor 4 ReDoS Vulnerability
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs in the Advanced Tab for Dialogs plugin...
CKEditor 4 ReDoS Vulnerability
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs in the Advanced Tab for Dialogs plugin...
GHSA-XJ94-RGF9-CQ37 Umbraco CMS vulnerable to stored XSS
Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page name" (aka nodename) parameter during the creation of a new page, related to Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs and...
CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
Design/Logic Flaw
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
UBUNTU-CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set or forking scenario, a hash key shared by multiple UAC dialogs can...
PJSIP Resource Management Error Vulnerability
PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a Resource Management Error vulnerability that stems from the fact that in versions prior to 2.11.1, in a dialog...
Information Disclosure
Firefox is vulnerable to information disclosure. The vulnerability allows JavaScript dialogs to be displayed over other domains on Firefox for Android...
Information disclosure
In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-...
CVE-2021-40223
Rittal CMC PU III Web management version V3.11.002 fails to sanitize user input on several parameters of the configuration (User Configuration dialog, Task Configuration dialog and set logging filter dialog). This allows an attacker to backdoor the device with HTML and browser-interpreted content...
Rittal CMC PU III Cross-Site Scripting Vulnerability
Rittal CMC PU III is a monitoring system from Rittal, Germany. A security vulnerability exists in the Rittal CMC PU III Web management version V3.11.002, which originates from a failure of the web application to clean up user input on multiple parameters of the configuration User Configuration...
UBUNTU-CVE-2021-29987
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not want to. This bug onl...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox has a security vulnerability that exists due to the way Firefox displays permission panels. After requesting multiple permissions and closing the first permission panel, subsequent...
Cross-site scripting (XSS) from field and configuration text displayed in the Panel
On Saturday, @hdodov reported that the Panel's ListItem component (used in the pages and files section, for example) displayed HTML in page titles as is. This could be used for cross-site scripting (XSS) attacks. We used his report as an opportunity to find and fix XSS issues related to dynamic sit...
CVE-2021-1517
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker...
CVE-2021-1517
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker...
CVE-2021-1517 Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerability
A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker...