EZVIZ APP 安全漏洞

EZVIZ APP is a mobile application developed by EZVIZ, a Chinese company, for remote monitoring and management of smart security devices. The EZVIZ APP has a security vulnerability, which stems from the use of outdated cloud function modules and legacy API interfaces. This vulnerability may allow...

EUVD-2018-0766

Malware in sbrugna...

CVE-2024-22069

There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords...

PT-2024-19183 · Zte · Zte Zxv10 Xt802/Et301

Name of the Vulnerable Software and Affected Versions: ZTE ZXV10 XT802/ET301 product affected versions not specified Description: The issue is related to a permission and access control vulnerability. Attackers with common permissions can log in to the terminal web and change the administrator's...

Selesta Visual Access Manager 安全漏洞

Selesta Visual Access Manager is a visual access manager from Selesta. A security vulnerability exists in Selesta Visual Access Manager, which can be exploited by an attacker to modify and receive ID-related computer POST parameters via POST HTTP request interception...

SUSE CVE-2021-20213

A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed...

SUSE: Security Advisory (SUSE-SU-2022:4058-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Thunderbird Security Advisories (MFSA2022-47, MFSA2022-49) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

DEBIAN-CVE-2021-20213

A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed...

ALPINE-CVE-2021-20213

A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed...

UBUNTU-CVE-2021-20213

A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed...

CVE-2021-20213

A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed...

Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been

The Mozilla Foundation Security Advisory describes this flaw as: When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to...

PT-2021-13844 · Privoxy +3 · Privoxy +3

Name of the Vulnerable Software and Affected Versions: Privoxy versions prior to 3.0.29 Description: A flaw was found that could result in a crash if accept-intercepted-requests was enabled. This occurs when Privoxy fails to get the request destination from the Host header and a memory allocation...

kubernetes: compromised node could escalate to cluster level privileges

A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other...

MGASA-2020-0433 Updated thunderbird packages fix security vulnerabilities

Variable time processing of cross-origin images during drawImage calls. CVE-2020-16012 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code. CVE-2020-26951 Fullscreen could be enabled without displaying the security UI. CVE-2020-26953 XSS through paste manual...

Matrix42 Workspace Management 9.1.2.2765 Cross Site Scripting Vulnerability

Matrix42 Workspace Management version 9.1.2.2765 suffers from a persistent cross site scripting vulnerability. Matrix42 Workspace Management 9.1.2.2765 – Stored Cross-Site Scripting =============================================================================== Identifiers...

CVE-2017-1559

Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758...

CVE-2017-12254

A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model DOM-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters passed to the web server...