Astra Linux - уязвимость в firefox

A race condition involving requestPointerLock and setTimeout could have allowed a user to interact with one tab while believing they were on a different tab. Combined with certain elements such as , this could lead to an attack where the user became confused about the origin of the webpage and...

Advantech SUSIAccess Server downloadCSV file Parameter Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech SUSIAccess Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of downloadCSV.jsp. When parsing the file element, the...

openSUSE Security Update : kdenetwork4 (openSUSE-SU-2010:1076-1)

This update of kdenetwork fixes several bugs, the security related issues are : - CVE-2010-1000: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: CWE-22 The 'name' attribute of the 'file' element of metalink files is not properly sanitised this can be exploited to download files to arbitrary...