The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability... weiterlesen

Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability... weiterlesen

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application... weiterlesen

The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability... weiterlesen

... weiterlesen

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially... weiterlesen

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed... weiterlesen

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed... weiterlesen

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access.... weiterlesen

A vulnerability was found in Smarty up to 3.1.38 (Customer Relationship Management System). It has been declared as critical. This vulnerability affects... weiterlesen

A vulnerability was found in Smarty up to 3.1.38 (Customer Relationship Management System). It has been classified as critical. This affects the function... weiterlesen

A vulnerability was found in Botan up to 2.17.2 and classified as problematic. Upgrading to version 2.17.3 eliminates this vulnerability. The upgrade is... weiterlesen

A vulnerability has been found in Django up to 3.0.2 (Content Management System) and classified as critical. Affected by this vulnerability is the function... weiterlesen

A vulnerability, which was classified as problematic, was found in Acronis Cyber Protect up to 15. Affected is an unknown functionality of the component... weiterlesen

A vulnerability, which was classified as critical, has been found in MantisBT up to 2.24.3 (Bug Tracking Software). This issue affects the function helper_ensure_confirmed... weiterlesen

... weiterlesen

A vulnerability classified as problematic has been found in OpenEnergyMonitor EmonCMS up to 10.2.7. This affects an unknown code block of the file Modules/input/Views/schedule.php.... weiterlesen

A vulnerability was found in Digium Asterisk up to 16.16.0/17.9.1/18.2.0 (Communications System). It has been rated as critical. Affected by this issue... weiterlesen

A vulnerability was found in BloodHound up to 4.0.1. It has been declared as critical. Affected by this vulnerability is an unknown part of the file components/Modals/HelpTexts/GenericAll/GenericAll.jsx.... weiterlesen

A vulnerability was found in Webware WebDesktop 5.1.15. It has been classified as problematic. Affected is some unknown functionality. There is no information... weiterlesen

A vulnerability was found in slashify Package 1.0.0 on Node.js (JavaScript Library) and classified as critical. This issue affects an unknown functionality... weiterlesen

A vulnerability has been found in Visualware MyConnection Server and classified as critical. This vulnerability affects an unknown function of the component... weiterlesen

A vulnerability, which was classified as critical, was found in Telegram App (the affected version unknown). This affects some unknown processing of the... weiterlesen

A vulnerability, which was classified as problematic, has been found in Yeastar NeoGate TG400 91.3.0.3. Affected by this issue is an unknown code block.... weiterlesen

A vulnerability classified as critical was found in Zoho ManageEngine ADSelfService Plus up to 6013. Affected by this vulnerability is an unknown code... weiterlesen

A vulnerability classified as critical has been found in Sangoma Asterisk up to 16.8-cert5/16.16.0/17.9.1/18.2.0 (Communications System). Affected is an... weiterlesen

A vulnerability was found in Livy Server 0.7.0-incuincubating. It has been rated as problematic. This issue affects some unknown functionality of the component... weiterlesen

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI... weiterlesen

LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request... weiterlesen

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI... weiterlesen

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI... weiterlesen

An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the... weiterlesen

A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

... weiterlesen

In mobile_log_d, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System... weiterlesen

In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System... weiterlesen

In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution... weiterlesen

In netdiag, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution... weiterlesen

In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges... weiterlesen

In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges... weiterlesen

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was... weiterlesen

An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected... weiterlesen

When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted... weiterlesen

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp... weiterlesen

Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for... weiterlesen

The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability... weiterlesen