640 matches found
Cross site scripting
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor...
CVE-2020-17480
Removed by vendor...
CVE-2020-17480
The CVE-2020-17480 issue affects TinyMCE prior to 4.9.7 and 5.x prior to 5.1.4, where cross-site scripting can be triggered by inserting content via clipboard or editor APIs in the core parser, paste plugin, and visualchars plugin. The vulnerability arises from improper input validation and can b...
VulnCheck KEV: CVE-2011-4275
Multiple cross-site scripting XSS vulnerabilities in iTop aka IT Operations Portal 1.1.181 and 1.2.0-RC-282 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted company name, 2 a crafted database server name, 3 a crafted CSV file, 4 a crafted copy-and-paste...
AppleiOS 13.5.1 Resource Exposure Vulnerability
Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed "Quick Look" in the native Mail client to any private app. Product:...
ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises
The Australian Cyber Security Centre ACSC has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the advisory, a sophisticated malicious cyber actor is carrying out the campaign using...
April 21, 2020—KB4550944 (OS Build 17134.1456)
April 21, 2020—KB4550944 OS Build 17134.1456 IMPORTANT We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges, we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional...
Files or folders are removed unexpectedly when you perform a cut-and-paste operation on a Windows FTP client that is connected to an FTP site
Files or folders are removed unexpectedly when you perform a cut-and-paste operation on a Windows FTP client that is connected to an FTP site Symptoms Consider the following scenario: You access an FTP site on a computer that is running Windows Server 2008 SP2, Windows 7 SP1, Windows Server 2008 ...
March 8, 2016, update for PowerPoint 2016 (KB3114847)
March 8, 2016, update for PowerPoint 2016 KB3114847 This article describes update KB3114847 for Microsoft PowerPoint 2016, which was released on March 8, 2016. This update has a prerequisite. Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based...
Apple Takes Heat Over 'Vulnerable' iOS Cut-and-Paste Data
Any cut-and-paste data temporarily stored to an iPhone or iPad’s memory can be accessed by all apps installed on the specific device – even malicious ones. That data can then reveal private information such as a user’s GPS coordinates, passwords, banking data or a spreadsheet copied into an email...
CVE-2013-2120
The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack...
CVE-2013-2213
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...
DEBIAN-CVE-2013-2120
The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack...
CVE-2013-2120
The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack...
Design/Logic Flaw
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...
CVE-2013-2213
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...
UBUNTU-CVE-2013-2120
The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack...
UBUNTU-CVE-2013-2213
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output...
Authentication flaw
The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack...
CVE-2013-2120
The %password... macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack...