3141 matches found
chromium-browser: Insufficient data validation in webUI
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...
CVE-2019-5321
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...
Design/Logic Flaw
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...
CVE-2019-5321
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...
CVE-2019-5321
CVE-2019-5321 affects Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware versions: 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, and 16.10.* before 16.10.0003. The issue is a vulnerability in the Web Management Interface that allows Remote ...
CVE-2020-6535
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...
DEBIAN-CVE-2020-6535
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...
CVE-2020-6535
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...
CVE-2020-6535
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...
CVE-2020-6535
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...
openSUSE Security Update : chromium (openSUSE-2020-1020)
This update for chromium fixes the following issues : - Update to 84.0.4147.89 boo1174189 : - Critical CVE-2020-6510: Heap buffer overflow in background fetch. - High CVE-2020-6511: Side-channel information leakage in content security policy. - High CVE-2020-6512: Type Confusion in V8. - High...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1020-1 Rating: important References: 1174189 Cross-References: CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1021-1 Rating: important References: 1174189 Cross-References: CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519...
CVE-2020-4104
HCL BigFix WebUI is vulnerable to stored cross-site scripting XSS within the Apps-Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in...
Cross site scripting
HCL BigFix WebUI is vulnerable to stored cross-site scripting XSS within the Apps-Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in...
CVE-2020-4104
HCL BigFix WebUI is vulnerable to stored cross-site scripting XSS within the Apps-Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in...
CVE-2020-4104
CVE-2020-4104 affects HCL BigFix WebUI (Apps->Software module). The vulnerability is a stored XSS flaw caused by lack of proper validation of client data in the web application, allowing an attacker to deliver malicious scripts to authenticated users and execute client-side code. Impact is des...
ClearPass Policy Manager Unauthenticated Remote Command Execution Exploit
!/usr/bin/env bash ClearPass Policy Manager Unauthenticated Remote Command Execution in the WebUI CVE-2020-7115 For best results use OpenSSL/libcrypto shipped with RHEL/CentOS 7.x. Questions? Contact email protected. if "$" -ne 4 ; then echo "Usage: basename $0 remote host remote port local host...
ClearPass Policy Manager Unauthenticated Remote Command Execution
!/usr/bin/env bash ClearPass Policy Manager Unauthenticated Remote Command Execution in the WebUI CVE-2020-7115 For best results use OpenSSL/libcrypto shipped with RHEL/CentOS 7.x. Questions? Contact [email protected]. if "$" -ne 4 ; then echo "Usage: basename $0 remote host remote port...