Marvell QConvergeConsole 路径遍历漏洞

Marvell QConvergeConsole is a unified adapter management software across data centers from Marvell USA. A path traversal vulnerability exists in Marvell QConvergeConsole due to an error in the QLogicDownloadImpl class. An attacker could exploit the vulnerability to delete files and disclose...

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

Information disclosure

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

CVE-2008-3264

The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers t...