13 matches found
EUVD-2025-6289
Malicious code in bioql PyPI...
LogicalDOC SQL注入漏洞
LogicalDOC is the United States LogicalDOC company a set of document management system developed using Java technology. The system has features such as Lucene full-text search indexing and automatic import. A security vulnerability exists in LogicalDOC that stems from the document history feature...
CVE-2025-1636
The CVE-2025-1636 issue affects Devolutions Remote Desktop Manager up to version 2024.3.29 on Windows, where a faulty business logic in the My Personal Credentials password history component can allow an authenticated user to inadvertently leak credentials from a shared vault via the clear histor...
CVE-2024-10971
Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission...
Zoho ManageEngine ADAudit Plus 安全漏洞
ZOHO ManageEngine ADAudit Plus is used by Zoho USA, Inc. to simplify auditing, demonstrate compliance and detect threats. A security vulnerability exists in Zoho ManageEngine ADAudit Plus prior to version 7271, which stems from a SQL injection issue in the Lock History option...
SugarCRM SQL Injection Vulnerability (CNVD-2019-34416)
SugarCRM is a set of open source customer relationship management software . A SQL injection vulnerability exists in the history feature of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to inject custom PHP code...
CVE-2016-1849
The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory...
Google Chrome Multiple Vulnerabilities (Aug 2010) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Authorization
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors...
CVE-2010-3115
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors...
CVE-2010-3115
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors...
CVE-2010-3115
MiracleLinux AXSA:2011-34 references CVE-2010-3115: Google Chrome
CVE-2010-3115
Removed by vendor...