CVE-2019-7250

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...

CVE-2019-7250

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code via SCRIPT elements, event handlers, etc.. Since this code...

CVE-2019-7250

The CVE-2019-7250 issue affects the Cross Reference Add-on 36 for Google Docs. The vulnerability is a Stored XSS flaw in the plugin’s configuration panel preview boxes, where crafted label and references text can inject JavaScript code (via SCRIPT elements, event handlers, etc.). The stored paylo...

[SECURITY] Fedora 29 Update: python3-3.7.2-4.fc29

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

Fedora Update for python3-docs FEDORA-2019-541a12b809

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: .NET Core on Red Hat Enterprise Linux security update

Updates for rh-dotnet21-dotnet and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

Adobe Flash Zero-Day Leveraged Via Office Docs in Campaign

An Adobe Flash Player zero-day exploit has been spotted in the wild as part of a widespread campaign, researchers said on Wednesday. Adobe has just issued a patch for the previously unknown critical flaw. The vulnerability, CVE-2018-15982, is a use-after-free flaw enabling arbitrary code executio...

Lone Wolf loadingDOCS Insecure Permissions

EZMAX SECURITY ADVISORY https://www.ezmax.ca/ Product: Loading Docs Vendor: Lone Wolf Technologies http://www.lwolf.com CVE ID: CVE-2018-15502 NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-15502 Subject: Insecure permissions allow remote attackers to download any confidential files via http...

(RHSA-2018:2684) Low: .NET Core Runtime 2.1.4 and SDK 2.1.402 for Red Hat Enterprise Linux

.NET Core is a managed software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that addresses several security vulnerabilities is now available. The updated version of the runtime is 2.1.4. The...

Threat Outbreak Alert RuleID32665: Email Messages Distributing Malicious Software on May 02, 2018

Medium Alert ID: 57705 First Published: 2018 May 2 18:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32665 may contain the following files: Name | Size ...

Fedora Update for python3-docs FEDORA-2018-a042f795b2

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for python3-docs FEDORA-2018-aa8de9d66a

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : python-pip / python3 / python3-docs (2018-a042f795b2)

Update to 3.6.5 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

[SECURITY] Fedora 26 Update: python3-3.6.5-1.fc26

Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as t...

[SECURITY] Fedora 28 Update: python3-3.6.5-1.fc28

Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...

vetnet.education.gov.au XSS vulnerability

Open Bug Bounty ID: OBB-550256 Description| Value ---|--- Affected Website:| vetnet.education.gov.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Fedora 27 : libidn2 (2017-09b1c3f099)

Libidn2 2.0.4 released 2017-08-30 =================================== - Fix integer overflow in bidi.c/isBidi - Fix integer overflow in punydecode.c/decodedigit - Improve docs - Fix idnafree to idnfree - Update fuzzer corpora Note that Tenable Network Security has extracted the preceding...

LinkedIn Phishing Scam Steals Gmail Credentials Through Google Docs

By Waqas LinkedIn, a business and employment-oriented social networking website contain personal information This is a post from HackRead.com Read the original post: LinkedIn Phishing Scam Steals Gmail Credentials Through Google Docs...

Dissecting the Chrome Extension Facebook malware

It's been a few days since Kaspersky Lab's blog post about the Multi Platform Facebook malware that was spread through Facebook Messenger. At the same time as Kaspersky Lab were analyzing this threat, a few researchers where doing the same, including Frans Rosén, Security Advisor at Detectify...

Adware Spreading Via Social Engineering, Facebook Messenger

Attackers have taken to Facebook Messenger with a combination of social engineering and malicious JavaScript to spread adware, something that’s likely earning them a small chunk of change in the process. David Jacoby, a senior security researcher with Kaspersky Lab’s Global Research & Analysis...