750 matches found
BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery
Exploit Title: BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery Date: 2020-09-11 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://bigbluebutton.org/ Version: BigBlueButton 2.2.25 RedTeam Pentesting discovered a vulnerability in the BigBlueButton web...
Command Execution Vulnerability in Extreme Demo 2019 (Windows Client)
Extreme Presentation 2019 is the PPT office software in the Extreme Office office suite A command execution vulnerability exists in Extreme Presentation 2019 Windows client. An attacker can exploit the vulnerability to execute arbitrary code...
CVE-2020-27608
In BigBlueButton before 2.2.28 or earlier, uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document...
Design/Logic Flaw
In BigBlueButton before 2.2.28 or earlier, uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document...
CVE-2020-27608
BigBlueButton vulnerability CVE-2020-27608 affects versions prior to 2.2.28. The issue stems from uploaded presentations being sent to clients without a Content-Type header, enabling cross-site scripting (XSS) evidenced by a .png file extension used for an HTML document. Impact is limited to XSS ...
CVE-2020-6559
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2020-6559
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-6559
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Design/Logic Flaw
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2020-6559
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-6559
CVE-2020-6559 is a Use-After-Free in Chrome/Chromium’s Presentation API (heap corruption) that could be exploited remotely via a crafted HTML page. Affected products are Google Chrome/Chromium prior to version 85.0.4183.83. Mitigation from the connected documents shows upgrading to 85.0.4183.83 o...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1322-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...
chromium-browser: Use after free in presentation API
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
September 8, 2020-KB4576480 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703
September 8, 2020-KB4576480 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703 Release Date: September 8, 2020 Version: .NET Framework 4.8 Summary Security improvementsClickOnce will no longer download applications from untrusted servers which use NTLM authentication, but,...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1328-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...
Google Chrome Security Update (stable-channel-update-for-desktop_25-2020-08) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
openSUSE Security Update : chromium (openSUSE-2020-1309)
This update for chromium fixes the following issues : Chromium was updated to version 85.0.4183.83 boo1175757 fixing : - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...
openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1306-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1309-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1306-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...