4 matches found
PT-2019-2976 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified
Description: A remote code execution issue exists due to the improper handling of specially crafted embedded fonts by the Windows font library. This could allow an attacker to take control of the affect...
CVE-2019-1081
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, in a web-based attack...
Weblate: Invalidate session after password reset - hosted website
Hey team, The Hosted Website doesn't invalidate session after the password is reset. It's one of the OWASP recommendations to terminate the session when a password is changed and force the user to re-login. Quote from OWASP: Renew the Session ID After Any Privilege Level Change The session ID mus...
fhvd.ch XSS vulnerability
Vulnerable URL: http://www.fhvd.ch/search.php

Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check fhvd.ch SSL connection:| Grade: F

Coordinated Disclosure...