
7 matches found

RedhatCVE
added 2026/01/09 10:5 a.m. | 5 views

CVE-2019-20536

An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (released in China) software. The Firewall application mishandles the PermissionWhiteLists protection mechanism. The Samsung ID is SVE-2019-14299 (November 2019)...

CVSS 9.8 | AI score 7.1 | EPSS 0.00426
Exploits: 0 | References: 1
OSV
added 2024/03/22 4:30 p.m. | 41 views

GHSA-C9GP-64C4-2RRH Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass

Summary: Grav CMS is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server, bypassing the existing security sandbox. Details: The Grav CMS implements a custom sandbox to protect the...

CVSS 8.8 | AI score 9.2 | EPSS 0.0576
Exploits: 4 | References: 4
The Hacker News
added 2021/06/18 1:7 p.m. | 40 views

Russia bans VyprVPN, Opera VPN services for not complying with blacklist request

Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal,...

AI score 1.7
Exploits: 0
CNVD
added 2017/11/06 12:0 a.m. | 4 views

Catalyst Mahara Server-Side Request Forgery Vulnerability

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Catalyst Mahara, which stems from the program's failure to detect black and white lists for all processes redirecte...

CVSS 8 | AI score 6.9 | EPSS 0.00721
Exploits: 0 | References: 1
Debian CVE
added 2017/10/11 6:0 p.m. | 37 views

CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution...

CVSS 9.8 | AI score 10 | EPSS 0.15853
Exploits: 1
UbuntuCve
added 2017/10/11 12:0 a.m. | 37 views

CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution...

CVSS 9.8 | AI score 7.5 | EPSS 0.15853
Exploits: 1 | References: 8
ThreatPost
added 2010/06/02 4:37 p.m. | 126 views

Microsoft Releases Anti-XSS Web Protection Library

Microsoft has released an open-source Web Protection Library (WPL) to help developers protect web sites from cross-site scripting attacks. The WPL, which is a set of .NET assemblies, is being offered as part of a defense-in-depth strategy to add an extra layer to any validation or secure coding...

CVSS 9.3 | AI score 0.5 | EPSS 0.99945
Exploits: 33 | References: 1