12 matches found
Gitlab -- vulnerabilities
Gitlab reports: Cross-site Scripting issue in Analytics dashboard chart rendering impacts GitLab EE Cross-site Scripting issue in global search impacts GitLab CE/EE Cross-site Scripting issue in Duo Agent output rendering impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts...
Microsoft Office to publish symbols starting August 2022
We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key...
Microsoft Office to publish symbols starting August 2022
We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key...
RHEL 9 : .NET 6.0 (RHSA-2022:5050)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5050 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...
dotnet: NuGet Credential leak due to loss of control of third party symbol server domain
.NET and Visual Studio Information Disclosure Vulnerability...
dotnet: NuGet Credential leak due to loss of control of third party symbol server domain
.NET and Visual Studio Information Disclosure Vulnerability...
dotnet: NuGet Credential leak due to loss of control of third party symbol server domain
.NET and Visual Studio Information Disclosure Vulnerability...
dotnet: NuGet Credential leak due to loss of control of third party symbol server domain
.NET and Visual Studio Information Disclosure Vulnerability...
dotnet: NuGet Credential leak due to loss of control of third party symbol server domain
.NET and Visual Studio Information Disclosure Vulnerability...
Lunar - A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory
A lightweight native DLL mapping library that supports mapping directly from memory Features Imports and delay imports are resolved Relocations are performed Image sections are mapped with the correct page protection Exception handlers are initialised A security cookie is generated and initialise...
Microsoft Edge / Internet Explorer HandleColumnBreakOnColumnSpanningElement Type Confusion Exploit
Microsoft Edge and Internet Explorer suffer from a type confusion in HandleColumnBreakOnColumnSpanningElement. Microsoft Edge and IE: Type confusion in HandleColumnBreakOnColumnSpanningElement CVE-2017-0037 PoC: .class1 float: left; column-count: 5; .class2 column-span: all; columns: 1px; table...
Mozilla Firefox 3.6.16 mChannel Use-After-Free漏洞
漏洞分析 此漏洞是由于Mozilla Firefox的xul.dll在处理mChannel标签时,在OnChannelRedirect中对mChannel对象进行创建,但在随后调用Release释放,在释放对象过后没有对该指针进行标记,从而导致在随后的调用用中引用mChannel标签时,由于指针已经被释放,导致call地址不可读,从而引发漏洞,下面对此漏洞进行详细分析。 首先打开PoC,火狐浏览器崩溃,附加调试器,到达漏洞现场。 858.85c: Access violation - code c0000005 first chance First chance exceptions a...