6 matches found
EUVD-2024-39573
Malicious code in bioql PyPI...
CVE-2022-32805
The issue was addressed with improved handling of caches. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to access sensitive user information...
CVE-2023-30743 Improper Neutralization of Input in SAPUI5
Due to improper neutralization of input in SAPUI5 - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, sap.m.FormattedText SAPUI5 control allows injection of untrusted CSS. This blocks user’s interaction with the application. Further, in the absence of URL validation by th...
CVE-2023-29850
SENAYAN Library Management System SLiMS Bulian v9.5.2 does not strip exif data from uploaded images. This allows attackers to obtain information such as the user's geolocation and device information...
Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar
Overview Microsoft Internet Explorer does not properly display the location of HTML documents in the status bar. An attacker could exploit this behavior to mislead users into revealing sensitive information. Description Web browsers frequently display the Uniform Resource Locator URL in the statu...
vBulletin < 3.0.0 RC4 - Cross Site Scripting
vBulletin Cross Site Scripting Vendor: Jelsoft Enterprises Product: vBulletin Version: = 3.0.0 RC4 Website: http://www.vbulletin.com/ BID: 9887 9888 9889 9940 9943 Description: vBulletin is a powerful, scalable and fully customisable forums package for your web site. Based on the PHP language,...