8 matches found
CVE-2018-19324
kimsQ Rb 2.3.0 allows XSS via the second input field to the /?r=home=mypage=info URI...
CVE-2020-10372
Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XSS via the vdms/ipmapping.jsp location field to the dms/rest/services/datastore/createOrEditValueForKey URI...
EUVD-2018-4609
Malware in sbrugna...
CVE-2021-29030
A cross-site scripting (XSS) vulnerability in Bitweaver version 3.1.0 allows remote attackers to inject JavaScript via the /users/admin/index.php URI...
Trend-spotting email techniques: How modern phishing emails hide in plain sight
With the massive volume of emails sent each day, coupled with the many methods that attackers use to blend in, identifying the unusual and malicious is more challenging than ever. An obscure Unicode character in a few emails is innocuous enough, but when a pattern of emails containing this obscur...
CVE-2020-29127
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user using any web browser, the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=XXXXXXXXXX&csppage=cgiPgOverview&csplang=en is visited from a...
CVE-2019-6453
mIRC before 7.55 is affected by CVE-2019-6453 due to argument injection via custom URI protocol handlers. An irc:// URI can load an arbitrary .ini file from a UNC share pathname, enabling remote command execution in the context of the application. Exploitation depends on browser-specific URI hand...
Skype URI handling routine contains a buffer overflow
Overview: A buffer overflow in Skype may allow a remote attacker to execute code on a vulnerable system. Description: Skype software provides telephone service over IP networks. There is a buffer overflow in the routines that handle Skype-specific URIs (callto:// or skype://). The buffer overflow may...