lettersanitizer Denial of Service Vulnerability

lettersanitizer is a DOM-based HTML email cleaner for in-browser email rendering. A denial of service vulnerability exists in lettersanitizer versions prior to 1.0.2. The vulnerability stems from a failure to properly handle incoming error messages and can be exploited by an attacker to cause a...

CVE-2020-20095

iMessage Messages app iOS 12.4 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...

Cybozu Garoon License Issue Vulnerability (CNVD-2020-26659)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. An authorization issue vulnerability exists in Cybozu Garoon versions 4.0.0 to 4.10.3. A remote attacker can...

Apple Messages HandwritingProvider Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Messages. User interaction is required to exploit this vulnerability in that the target must open the Messages application. The specific flaw exists within the HandwritingProvider modul...

web.williams.edu XSS vulnerability

Open Bug Bounty ID: OBB-311108 Description| Value ---|--- Affected Website:| web.williams.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2016-1764

The Content Security Policy CSP implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL...