EUVD-2007-2371

Malware in sbrugna...

EUVD-2007-2372

Malware in sbrugna...

CVE-2025-52471

ESF-IDF is the Espressif Internet of Things IOT Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...

Microsoft Edge browser vulnerability, which allows attackers to compromise the confidentiality of information

The vulnerability of Microsoft Edge’s Content Protection Scheme CSP is related to deficiencies in access control. Exploiting this vulnerability allows attackers to force users to download malicious web pages...

DAHUA technology camera products unauthorized access vulnerability technical analysis and protection solution-vulnerability warning-the black bar safety net

Recently,the domestic well-known Camera/DVR manufacturer DAHUA technologyDahua Technologyfor their part of the product firmware upgrade the patch used to fix an important security issue. However, in official statement released before the discovery of this vulnerability, security experts Bashis...

Struts2 remote code execution vulnerability S2-0 3 3 technology analysis and protection solution-vulnerability warning-the black bar safety net

Apache Struts2 in open dynamic method invocation Dynamic Method Invocation case, the attacker using the REST plug-in calls a malicious expression can be remote code execution. This vulnerability number CVE-2 0 1 6-3 0 8 7, named S2-0 3 of 3. This article on the vulnerability of technical analysis...

CVE-2007-2383

The Prototype prototypejs framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...

Design/Logic Flaw

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

Design/Logic Flaw

The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2007-2376

The Dojo framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

CVE-2006-4843

Cross-site scripting XSS vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme...

CVE-2006-4843

Cross-site scripting XSS vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme...

CVE-2006-7129

ISS BlackICE PC Protection 3.6 cpj and cpu, and possibly earlier versions, allows local users to bypass the protection scheme by using the ZwDeleteFile API function to delete the critical filelock.txt file, which stores information about protected files...

Directory traversal

Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmvckview COOKIE parameter, which bypasses the protection scheme...

Cross site scripting

Cross-site scripting XSS vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains "//" comment sequences, which bypasses the XSS protection scheme...

CVE-2006-2966

Cross-site scripting XSS vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains "//" comment sequences, which bypasses the XSS protection scheme...

Sony in their CD inside the used rootkit techniques to hide files-the vulnerability warning-the black bar safety net

sony use driver Aries. sys to hide any with$sys$at the beginning of the file,directory,registry,and even the process. The real surprise comes when he finds that it was installed there by an audio CD he bought from Amazon. The CD he had was published by Sony, who licensed this "content protection...