171 matches found
EUVD-2011-2810
Malware in sbrugna...
EUVD-2014-7756
Malware in sbrugna...
EUVD-2022-4889
Malicious code in bioql PyPI...
CVE-2023-35818
An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...
CVE-2023-35818
An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...
Code injection
An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...
CVE-2023-35818
An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...
SUSE CVE-2010-2201
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the 1 pushstring 0x2C operator, 2 debugfile 0xF1 operator, and an "invalid pointer vulnerability" that triggers...
SUSE CVE-2010-2212
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service memory corruption via a PDF file containing Flash content with a crafted 1023 3FFh tag, a different vulnerability tha...
SUSE CVE-2011-0609
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll aka AuthPlayLib.bundle in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windo...
SUSE CVE-2012-1535
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted SWF content, as exploited in the wild in August 2012 with SWF...
SUSE CVE-2013-0643
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted...
SUSE CVE-2014-7906
Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's...
GHSA-Q52R-G8JF-WV3X Apache OpenMeetings allows flash content to be loaded from untrusted domains
Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains...
Apache OpenMeetings allows flash content to be loaded from untrusted domains
Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains...
U.S. Dept Of Defense: CSRF - Modify Company Info
Target Url ███/services/user/manageAccountCompany Summary: Similar to███████, but on different endpoint. The application is missing CSRF Token on Editing company info endpoint. This lead to CSRF attack. Bypassing Content-Type The application is just accepting Content-Type as application/json. Thi...
Microsoft Edge Feature Bypass Vulnerability
Microsoft Edge is a web browser from Microsoft USA that is the default browser that comes with the Windows 10 operating system. A security feature bypass vulnerability exists in the handling of whitelisting in Microsoft Edge. An attacker can exploit this vulnerability to bypass Flash policies and...
PT-2018-1443
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 28.0.0.161 Description The issue is related to a use-after-free vulnerability, which occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. This can allo...
chimneypiecedesigner.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-429603 Description| Value ---|--- Affected Website:| chimneypiecedesigner.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...
educacional.net XSS vulnerability
Vulnerable URL: http://www.educacional.net/comum/detectaflash/flashdetection.swf?flashContentURL=javascript:alert1 Details: Description| Value ---|--- Patched:| Verification in progress Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...