Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2020-26768

Formstone =1.4.16 is vulnerable to a Reflected Cross-Site Scripting XSS vulnerability caused by improper validation of user supplied input in the upload-target.php and upload-chunked.php files. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in...

Cross site scripting

Formstone =1.4.16 is vulnerable to a Reflected Cross-Site Scripting XSS vulnerability caused by improper validation of user supplied input in the upload-target.php and upload-chunked.php files. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in...

Cross site scripting

Cute Editor for ASP.NET 6.4 is vulnerable to reflected cross-site scripting XSS caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's Web browser within the security context of the...

CVE-2020-8339

A cross-site scripting inclusion XSSI vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module AMM web interface prior to version 3.68n BPET68N. This vulnerability could allow an authenticated user's AMM credentials to be disclosed if the user is convinced to visit a...

Ubuntu 18.04 LTS / 20.04 LTS : WebKitGTK vulnerabilities (USN-4444-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4444-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a maliciou...

CVE-2016-11081

An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser...

Microsoft Edge Spoofing Vulnerability (CNVD-2020-61591)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A security vulnerability exists in Microsoft Edge based on Chromium IE mode, which arises from the program not handling specific redirects correctly. The vulnerability can be exploited by...

Ubuntu 18.04 LTS / 20.04 LTS : WebKitGTK vulnerability (USN-4347-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4347-1 advisory. A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website...

Ubuntu 18.04 LTS : WebKitGTK+ vulnerability (USN-4331-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4331-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote...

Ubuntu 18.04 LTS : WebKitGTK+ vulnerability (USN-4310-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4310-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote...

Ubuntu 18.04 LTS : WebKitGTK+ vulnerabilities (USN-4281-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4281-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...

Ubuntu 18.04 LTS : WebKitGTK+ vulnerabilities (USN-4261-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4261-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...

Oracle E-Business Suite CVE-2020-2591 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in 'Oracle Web Applications Desktop Integrator' product. This vulnerability can be exploited over the 'HTTP' protocol. The 'Application Service' component is affected. This vulnerability affects the following supporte...

SAP NetWeaver Process Integration CVE-2020-6305 Cross Site Scripting Vulnerability

Description SAP NetWeaver Process Integration is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

Oracle Java SE CVE-2020-2655 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTPS' protocol. This issue affects the 'JSSE' component. This vulnerability affects the following supported versions: Java SE: 11.0.5, 13.0.1 Technologies Affected Oracle JDKLinux...

Oracle Java SE CVE-2020-2585 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'JavaFX' component. This vulnerability affects the following supported versions: Java SE: 8u241 Technologies Affected Oracle JDKLinux Producti...

Oracle Java SE CVE-2020-2654 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0.1 Technologies Affecte...

Oracle Java SE/Java SE Embedded CVE-2020-2590 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....

CVE-2019-18893

CVE-2019-18893 involves an XSS flaw in the Video Downloader component (pre-1.5) of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77. The vulnerability lets an attacker’s website execute code in the context of this component. Although Video Downloader is a browser extension, i...