5254 matches found
Concrete CMS: SVG file that HTML Included is able to upload via File Manager
Concrete5 has the whitelist for restricting that malicious file is uploaded. concrete/config/concrete.php, Line no. 8688 The extension whitelist allows to upload SVG file. However, SVG can has the HTML elements in its code. Ref. https://www.w3.org/TR/SVG2/intro.htmlW3CCompatibility If web browser...
Microsoft Internet Explorer Null Pointer Dereference Vulnerability
Internet Explorer is a web browser from Microsoft. A null pointer dereference vulnerability exists in Microsoft Internet Explorer version 11. The vulnerability is caused due to a NULL pointer dereference access conflict within the 'Tree :: NotifyInvalidateDisplay' function when parsing an...
USN-3804-1: OpenJDK vulnerabilities
It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. CVE-2018-3136 Artem Smotrakov...
Find AND Fix First- and Third-Party Issues with the Power of Real Data and Adaptive Performance
It's been well established that there is a correlation between fast digital experiences and positive business results. What users experience on a site has a direct bearing on their engagement and buying behaviour and consequently the overall success of the business. Slow page load times can lead ...
Microsoft Internet Explorer CSS Style Double Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-12471 External Entity processing in the RegistrationSharing module
A External Entity Reference 'XXE' vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37...
CVE-2018-17846
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification...
Design/Logic Flaw
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification...
CVE-2018-17846
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification...
CVE-2018-17846
Removed by vendor...
CVE-2018-17847
The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...
CVE-2018-4319
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...
Command injection
Python Software Foundation Python CPython version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in shutil module makearchive function that can result in Denial of service, Information gain via injection of arbitrary files on...
KLA11323 Multiple vulnerabilities in Apple iTunes
Multiple serious vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, perform cross-site scripting attack, read local files. Below is a complete list of...
bouncycastle: ECDSA improper validation of ASN.1 encoding of signature
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of...
Remote code execution
GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution...
CVE-2018-15669
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that requests from HTMLIFrameElements are blacklisted. However, other sub-classes of HTMLFrameOwnerElements are not...
Design/Logic Flaw
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that OpenURL is the default URL handler. A navigation request is processed by the default URL handler only if the...
Mozilla Firefox ESR < 52.4 Multiple Vulnerabilities
Binary data 700331.prm...
architectural-elements.com XSS vulnerability
Open Bug Bounty ID: OBB-659738 Description| Value ---|--- Affected Website:| architectural-elements.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...