CVE-2018-10850
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service...
Shopify - (Link Return) Client Side Web Vulnerability
Document Title: Shopify - Link Return Client Side Web Vulnerability; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1550; Release Date: 2018-06-13; Vulnerability Laboratory ID (VL-ID): 1550...
GetPocket - Multiple Persistent Web Vulnerabilities
Document Title: GetPocket - Multiple Persistent Web Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1722; Release Date: 2018-06-13; Vulnerability Laboratory ID (VL-ID): 1722...
ReleaseWire - (Foldername) Persistent Cross Site Scripting
Document Title: ReleaseWire - Foldername Persistent Cross Site Scripting; References: https://www.vulnerability-lab.com/getcontent.php?id=2126; Video: https://www.youtube.com/watch?v=iICPyaitRK8; Release Date: 2018-06-13; Vulnerability Laboratory ID (VL-ID):...
Shopify - (Link Return) Client Side Web Vulnerability
Document Title: Shopify - Link Return Client Side Web Vulnerability; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1550; Release Date: 2018-06-12; Vulnerability Laboratory ID (VL-ID): 1550...
CVE-2017-7843
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not...
CVE-2018-4224
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security...
Design/Logic Flaw
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a...
Code injection
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security...
CVE-2018-4223
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a...
CVE-2018-10850
A race condition was found in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of service...
Multiple Apple Product Status Management Vulnerabilities
Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is a set of operating systems for mobile devices; macOS High Sierra is a specialized operating system for Mac computers; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. securit...
Apple Mac OS X Security Updates (HT208849)-01
Apple Mac OS X is prone to multiple vulnerabilities...
CVE-2018-10379
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. The Move Issue feature contained a persistent XSS vulnerability...
CVE-2018-10379
GitLab CE/EE (GitLab) before versions 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2 contain a persistent XSS in the Move Issue feature. The vulnerability arises from improper sanitization in the Move Issue UI, allowing stored script injection via issue fields. Impact is conditional on in...
CVE-2018-10379
Removed by vendor...
Cross site scripting
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group...
CVE-2018-10939
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group...