4 matches found
CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in the lack of mechanisms for encoding or shielding output data. This allows attackers to execute arbitrary code.
The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing it through an...
CVE-2023-22729
Silverstripe Framework is the Model-View-Controller framework that powers the Silverstripe content management system. Prior to version 4.12.15, an attacker can display a link to a third party website on a login screen by convincing a legitimate content author to follow a specially crafted link...
Cross site request forgery (csrf)
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link&f=index&v=add...