EUVD-2005-0144

Malware in sbrugna...

EUVD-2005-0145

Malware in sbrugna...

The vulnerability in the web-based management interface of SonicWall’s SMA 100 series microprogramming network interfaces allows a hacker to execute arbitrary code.

The vulnerability in the web-based management interface of SonicWall’s SMA 100 series microprogramming system for network interfaces exists due to the lack of protective measures taken against the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitra...

The vulnerability in the web interface of the Cisco Secure Firewall Management Center software (formerly known as Cisco Firepower Management Center) allows a attacker to carry out XSS attacks.

The vulnerability in the web interface of the Cisco Secure Firewall Management Center formerly known as Cisco Firepower Management Center exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS...

F5 Networks BIG-IP : Angular JS vulnerabilities (K000141459)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the K000141459 advisory. CVE-2019-14863There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping t...

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...

The vulnerability of the User Profile Handler component on the Apache Roller server for creating web blogs allows attackers to execute XSS attacks.

The vulnerability of the User Profile Handler component on the Apache Roller web blog server exists due to the lack of security measures for handling web page structures. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

PT-2024-3645 · Microsoft · Dynamics 365 Customer Insights

Name of the Vulnerable Software and Affected Versions: Dynamics 365 Customer Insights affected versions not specified Description: The issue is related to the failure to properly secure the web page structure in Microsoft Dynamics 365 Customer Insights, allowing a remote attacker to conduct...

The vulnerability of the FILTER_VALIDATE_EMAIL function in the phpMyFAQ web application, which allows a hacker to execute arbitrary code.

The vulnerability of the FILTERVALIDATEEMAIL function in the phpMyFAQ web application is related to the lack of security measures for the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

UBUNTU-CVE-2023-6211

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox 120...

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 120, which originated from a method that could imprint a user to load an insecure http page...

DEBIAN-CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

UBUNTU-CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

CVE-2022-25869

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements...

The vulnerability relates to the EMC Documentum Administrator, a tool for managing electronic document systems; the EMC Documentum Digital Asset Management, a tool for managing multimedia materials within electronic document systems; the EMC Documentum TaskSpace, a tool for accessing the repository of electronic document systems; and the EMC Documentum Web Publisher, a system for managing web projects. The vulnerability also affects the web interface that provides access to the EMC Documentum Webtop repository. This vulnerability allows an attacker to inject arbitrary web scripts or HTML code.

The vulnerability of the EMC Documentum Administrator, a tool for managing electronic document systems, and the EMC Documentum Digital Asset Management tool for managing multimedia materials within electronic document systems, as well as the tools for accessing the EMC Documentum TaskSpace...

Safari allows access from HTTP to HTTPS

Overview Apple Safari contains a vulnerability that allows a remote attacker to access HTTPS content via an HTTP session. Safari is a default web browser installed in Mac OS X and iPhone. Safari contains a vulnerability that allows a remote attacker to access web page contents protected by SSL/TL...

CVE-2005-0143

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks...

CVE-2005-0143

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks...

CVE-2005-0144

Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks...

CVE-2005-0143

CVE-2005-0143 affects Firefox before 1.0 and Mozilla before 1.7.5. The issue is that the SSL lock icon can be displayed when an insecure page loads a binary file from a trusted site, which could aid phishing. Connected advisories confirm Mozilla security updates were issued (e.g., RHSA-2005:335; ...