➤ Team Security Exploits News / Security Vulnerability News
225,834 posts in this category



❥ Low CVE-2021-23958: Mozilla Firefox
The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability...
❥ Medium CVE-2021-23960: Mozilla Firefox
Performing garbage collection on re-declared JavaScript variables resulted in a use-after-poison, and a potentially exploitable crash. This vulnerability...
❥ Low CVE-2021-23977: Mozilla Firefox
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application...
❥ Low CVE-2021-23955: Mozilla Firefox
The browser could have been confused into transferring a pointer lock state into another tab, which could have led to clickjacking attacks. This vulnerability...
❥ Medium CVE-2021-23962: Mozilla Firefox
...
❥ Medium CVE-2021-23954: Mozilla Firefox
Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially...
❥ Low CVE-2021-23968: Debian Debian linux
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed...
❥ Low CVE-2021-23956: Mozilla Firefox
An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed...
❥ Medium CVE-2020-24455: Tpm2 software stack project Tpm2 software stack
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access....
❥ Smarty up to 3.1.38 Function code injection
A vulnerability was found in Smarty up to 3.1.38 (Customer Relationship Management System). It has been declared as critical. This vulnerability affects...
❥ Smarty up to 3.1.38 Sandbox Mode $smarty.template_object sandbox
A vulnerability was found in Smarty up to 3.1.38 (Customer Relationship Management System). It has been classified as critical. This affects the function...
❥ Botan up to 2.17.2 unknown vulnerability [CVE-2021-24115]
A vulnerability was found in Botan up to 2.17.2 and classified as problematic. Upgrading to version 2.17.3 eliminates this vulnerability. The upgrade is...
❥ Django up to 3.0.2 ASGI channels.http.AsgiHandler information disclosure
A vulnerability has been found in Django up to 3.0.2 (Content Management System) and classified as critical. Affected by this vulnerability is the function...
❥ Acronis Cyber Protect up to 15 Console cross site scripting
A vulnerability, which was classified as problematic, was found in Acronis Cyber Protect up to 15. Affected is an unknown functionality of the component...
❥ MantisBT up to 2.24.3 Custom Field manage_custom_field_update.php helper_ensure_confirmed unknown vulnerability
A vulnerability, which was classified as critical, has been found in MantisBT up to 2.24.3 (Bug Tracking Software). This issue affects the function helper_ensure_confirmed...
❥ Medium CVE-2021-26701: Microsoft .NET
...
❥ OpenEnergyMonitor EmonCMS up to 10.2.7 schedule.php node cross site scripting
A vulnerability classified as problematic has been found in OpenEnergyMonitor EmonCMS up to 10.2.7. This affects an unknown code block of the file Modules/input/Views/schedule.php....
❥ Digium Asterisk up to 16.16.0/17.9.1/18.2.0 WebRTC Client res_rtp_asterisk.c stack-based overflow
A vulnerability was found in Digium Asterisk up to 16.16.0/17.9.1/18.2.0 (Communications System). It has been rated as critical. Affected by this issue...
❥ BloodHound up to 4.0.1 GenericAll.jsx objectId command injection
A vulnerability was found in BloodHound up to 4.0.1. It has been declared as critical. Affected by this vulnerability is an unknown part of the file components/Modals/HelpTexts/GenericAll/GenericAll.jsx....
❥ Webware WebDesktop 5.1.15 server-side request forgery [CVE-2021-3204]
A vulnerability was found in Webware WebDesktop 5.1.15. It has been classified as problematic. Affected is some unknown functionality. There is no information...
❥ slashify Package 1.0.0 on Node.js Localhost redirect
A vulnerability was found in slashify Package 1.0.0 on Node.js (JavaScript Library) and classified as critical. This issue affects an unknown functionality...
❥ Visualware MyConnection Server prior 11.0b Build 5382 Reports access control
A vulnerability has been found in Visualware MyConnection Server and classified as critical. This vulnerability affects an unknown function of the component...
❥ Telegram App Terminate Session session expiration [CVE-2021-27351]
A vulnerability, which was classified as critical, was found in Telegram App (the affected version unknown). This affects some unknown processing of the...
❥ Yeastar NeoGate TG400 91.3.0.3 pathname traversal [CVE-2021-27328]
A vulnerability, which was classified as problematic, has been found in Yeastar NeoGate TG400 91.3.0.3. Affected by this issue is an unknown code block....
❥ Zoho ManageEngine ADSelfService Plus up to 6013 Administrative Interface server-side request forgery
A vulnerability classified as critical was found in Zoho ManageEngine ADSelfService Plus up to 6013. Affected by this vulnerability is an unknown code...
❥ Sangoma Asterisk up to 16.8-cert5/16.16.0/17.9.1/18.2.0 WebRTC Client res_rtp_asterisk.c stack-based overflow
A vulnerability classified as critical has been found in Sangoma Asterisk up to 16.8-cert5/16.16.0/17.9.1/18.2.0 (Communications System). Affected is an...
❥ Livy Server 0.7.0-incuincubating Session Name cross site scripting
A vulnerability was found in Livy Server 0.7.0-incuincubating. It has been rated as problematic. This issue affects some unknown functionality of the component...
❥ CVE-2021-21314
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI...
❥ CVE-2021-27931
LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request...
❥ CVE-2021-21312
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI...
❥ CVE-2021-21313
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI...
❥ CVE-2021-27935
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the...
❥ CVE-2021-27839
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting...
❥ Webberz SQL Injection article.php?id
...
❥ parameters.yml Config Vulnerable File
...
❥ Triconsole 3.75 Cross Site Scripting
...
❥ Developed by - Animax Technology. ->Baypas admin
...
❥ Low CVE-2021-0404: Google Android
In mobile_log_d, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System...
❥ Medium CVE-2021-0405: Google Android
In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System...
❥ Medium CVE-2021-0402: Google Android
In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution...
❥ Low CVE-2021-0403: Google Android
In netdiag, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution...
❥ Medium CVE-2021-0401: Google Android
In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges...
❥ Medium CVE-2021-0366: Google Android
In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges...
❥ Medium CVE-2021-0367: Google Android
In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges...
❥ Low CVE-2021-23975: Mozilla Firefox
The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was...
❥ Low CVE-2021-23959: Mozilla Firefox
An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected...
❥ Low CVE-2021-23971: Mozilla Firefox
When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted...
❥ Medium CVE-2021-23976: Mozilla Firefox
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp...
❥ Low CVE-2021-23957: Mozilla Firefox
Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for...
❥ Low CVE-2021-23974: Mozilla Firefox
The DOMParser API did not properly process '' elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability...