11 matches found
EUVD-2018-8514
Malware in sbrugna...
CVE-2024-23190
Upsell shop information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured accounts...
CVE-2023-41703
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
Code injection
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
CVE-2023-41703
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
CVE-2023-41703
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
GHSA-WF2X-8W6J-QW37 view_component Cross-site Scripting vulnerability
Impact What kind of vulnerability is it? Who is impacted? This is an XSS vulnerability that has the potential to impact anyone rendering a component directly from a controller with the viewcomponent gem. Note that only components that define a call method i.e. instead of using a sidecar template...
view_component Cross-site Scripting vulnerability
Impact What kind of vulnerability is it? Who is impacted? This is an XSS vulnerability that has the potential to impact anyone rendering a component directly from a controller with the viewcomponent gem. Note that only components that define a call method i.e. instead of using a sidecar template...
view_component Cross-site Scripting vulnerability
Impact What kind of vulnerability is it? Who is impacted? This is an XSS vulnerability that has the potential to impact anyone rendering a component directly from a controller with the viewcomponent gem. Note that only components that define a call method i.e. instead of using a sidecar template...
Design/Logic Flaw
DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL 0x800020F4 with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for partial input...
CVE-2018-19522
DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL 0x800020F4 with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for partial input...