Linux Distros Unpatched Vulnerability : CVE-2020-17448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat...

Parse Server Path Traversal Vulnerability

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server that stems from the application crashing when uploading files with no extension...

UBUNTU-CVE-2020-35112

If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension such as .bat or .exe that executable would have been launched instead. Note:...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox in that if a user downloads a file without an extension on Windows, and then "opens" it in the download panel, the executable will be launched if the...

UBUNTU-CVE-2020-17448

Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...