15 matches found
EUVD-2014-8469
Malware in sbrugna...
The vulnerability of the software tool for processing and managing financial transactions conducted through the SWIFT international messaging system allows a perpetrator to disclose protected information or compromise the accessibility of that information, due to incorrect restrictions on XML links to external objects in the IBM Financial Transaction Manager for SWIFT Services.
The vulnerability of the software tool for processing and managing financial transactions conducted through the SWIFT messaging system is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to disclose protected...
CVE-2022-29619
Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted...
OPENSUSE-SU-2022:0155-1 Security update for libredwg
This update for libredwg fixes the following issues: Update to release 0.12.5 boo1193372 CVE-2021-28237 Restricted accepted DXF objects to all stable and unstable classes, minus MATERIAL, ARCDIMENSION, SUN, PROXY. I.e. most unstable objects do not allow unknown DXF codes anymore. This fixed most...
The vulnerability of the Firefox browser, which allows a malicious actor to circumvent window object restrictions
The Mozilla Firefox browser contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original method-implementations of various JavaScript engin...
The vulnerability of the Thunderbird email client, which allows a malicious actor to circumvent window object restrictions
Mozilla Thunderbird’s email client contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original JavaScript method receivers...
The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to circumvent window object restrictions
Mozilla SeaMonkey software contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to circumvent window object restrictions by utilizing incompatibility in the original method-extractors of various JavaScript engines...
The vulnerability of the Firefox ESR browser allows a malicious individual to circumvent window object restrictions.
The Mozilla Firefox ESR browser contains a vulnerability related to incompatibility with JavaScript software components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original method-extractors of various JavaScript...
Design/Logic Flaw
The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal...
CVE-2014-8632
The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal...
CVE-2014-8631
The Chrome Object Wrapper COW implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method...
CVE-2014-8632
CVE-2014-8632 affects Mozilla Firefox (before 34.0) and SeaMonkey (before 2.31). The issue is in the structured-clone implementation where interactions with XrayWrapper property filtering do not properly enforce restrictions, allowing a remote attacker to bypass intended DOM object restrictions b...
CVE-2014-8631
The Chrome Object Wrapper COW implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method...
CVE-2014-8631
CVE-2014-8631 affects Firefox (before 34.0) and SeaMonkey (before 2.31) where the Chrome Object Wrapper (COW) allows native-interface passing, potentially bypassing DOM object restrictions via an unspecified method. This remote vulnerability could be exploited without user interaction; exploitati...
CVE-2013-0172
Samba 4.0.x vulnerable before 4.0.1 due to improper interpretation of objectClass-based Access Control Entries, allowing remote authenticated users to bypass restrictions on modifying LDAP directory objects via (1) objectClass access by a user, (2) objectClass access by a group, or (3) write acce...