11 matches found
EUVD-2018-20578
Malware in sbrugna...
EUVD-2021-1066
Malware in sbrugna...
SUSE-SU-2023:0362-1 Security update for grafana
This update for grafana fixes the following issues: - Version update from 8.5.13 to 8.5.15 jscPED-2617: CVE-2022-39306: Security fix for privilege escalation bsc1205225 CVE-2022-39307: Omit error from http response when user does not exists bsc1205227 CVE-2022-39201: Do not forward login cookie i...
CVE-2021-37997
Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page...
Open redirect
Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user sign-in/out process...
CVE-2021-21310 Token verification bug in next-auth
NextAuth.js next-auth is am open source authentication solution for Next.js applications. In next-auth before version 3.3.0 there is a token verification vulnerability. Implementations using the Prisma database adapter in conjunction with the Email provider are impacted. Implementations using the...
Cross Site Request Forgery (CSRF)
github.com/gogs/gog is vulnerable to cross-site request forgery CSRF attack. The library does not properly validate the token for user sign-in process, allowing a malicious user to launch a cross-site request forgery attack...
Livefyre LiveComments Plugin - Persistent Cross-Site Scripting
Title : Stored XSS in Livefyre LiveComments Plugin CVE : 2014-6420 Vendor Homepage : http://livefyre.com Software Link : http://web.livefyre.com/streamhub/liveComments Version : v3.0 Author : Brij Kishore Mishra Date : 03-Sept-2014 Tested On : Chrome 37, Ubuntu 14.04 Description : This plugin...
Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
Naymz multiple XSS
Naymz is a online profile system with positive and accurate information that you want others to find when they search for you online. Community Search fails to sanitize: 1."scriptalert'xss'/script...