CVE-2017-1791

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

onlinerolgordijnen.nl XSS vulnerability

Open Bug Bounty ID: OBB-642589 Description| Value ---|--- Affected Website:| onlinerolgordijnen.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-11349

The administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search functionalities: searchbyname, searchbyhash, and searchlink...

CVE-2018-11124

Cross-site scripting XSS vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute...

CVE-2018-11124

Cross-site scripting XSS vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute...

torontopubliclibrary.ca XSS vulnerability

Open Bug Bounty ID: OBB-641409 Description| Value ---|--- Affected Website:| torontopubliclibrary.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-8868

Medtronic MyCareLink Monitor devices (24950 and 24952) contain debug code that enables reading/writing arbitrary memory on implantable devices via short-range wireless interfaces. The vulnerability CVE-2018-8868 arises from an exposed dangerous function debugging path, allowing near-physically pr...

CVE-2018-8868 Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function

Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit oth...

Cross site scripting

An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality the search box of the Dashboard...

CVE-2018-10076

An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality the search box of the Dashboard...

5 Key Factors to Consider When Comparing Cloud Security Solutions [Video]

Migrating to the cloud can be a challenge, and so can securing your platform once you’re there. It means having a security solution that is quick, adaptable and equipped to handle a wider breadth of attacks. Whether you’re in the market for a new security product, or you’re looking to switch, the...

DEBIAN-CVE-2018-1000557

OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary javascript code within a victims' browser. This attack appear to be exploitable via Victim mus...

Cross site scripting

OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary javascript code within a victims' browser. This attack appear to be exploitable via Victim mus...

UBUNTU-CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...

Design/Logic Flaw

lms version = LMS011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be exploitable via GET parameter. This vulnerability appears to have been fixed in after commit 254765e...

CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...

UBUNTU-CVE-2018-1000557

OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting XSS vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary javascript code within a victims' browser. This attack appear to be exploitable via Victim mus...

CVE-2018-1000205

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality...

cineart.nl XSS vulnerability

Open Bug Bounty ID: OBB-636110 Description| Value ---|--- Affected Website:| cineart.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

UPM Roaming Profiles "Break" if App Layering Elastic Layering is Enabled

UPM roaming profiles "break" if enabling App Layering Elastic Layering feature. Can’t right click the start menu, can’t open programs, etc...