[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26307 Download | Alert*

Mozilla Thunderbird before 78.9.1: An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, and the Thunderbird user imports the crafted key, then Thunderbird may try to use the invalid subkey, but the RNP library rejects it from being used, causing encrypti ...

The host is installed with Telegram Desktop before 2.8.8 and is prone to an inadequate encryption strength vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to make the server to receive messages in a different order than they were sent a client.

The host is installed with Atlassian Confluence Server before 7.4.10 or 7.5.x before 7.12.3 and is prone to a pre-authorization arbitrary file read vulnerability. A flaw is present in the application which fails to handle unspecified vectors. Successful exploitation allows remote attackers to view restricted resources.

The host is installed with Atlassian Confluence Server before 6.13.23, 6.14.x before 7.4.11, 7.5.x before 7.11.6 or 7.12.x before 7.12.5 and is prone to an OGNL injection vulnerability. A flaw is present in the application which fails to properly handle unspecified vectors. Successful exploitation allows attackers to execute arbitrary code on a Confluence Server or Data Center instance.

The host is installed with Zoho ManageEngine ADSelfService Plus before build 6114 and is prone to an authentication bypass vulnerability. A flaw is present in the application, which fails to handle the specially crafted Rest API URLs. Successful exploitation could allow attackers to bypass the security filter due to an error in normalizing the URLs before validation.

The host is installed with Zoho ManageEngine ServiceDesk Plus (SDP) before build 11306, Zoho ManageEngine ServiceDesk Plus MSP 10527 before 10530 or Zoho ManageEngine SupportCenter Plus before 11012 or 11013 and is prone to an unauthenticated remote code execution vulnerability. The flaws are present in the application, which fails to handle a security misconfiguration in the application. Successf ...

Visual Basic for Applications Information Disclosure Vulnerability

The host is installed with Zoho ManageEngine Desktop Central before 10.1.2137.10 and is prone to an improper privilege management vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows an authenticated user to change any user's login password.

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that does not sufficiently check or validate the allocated table variable EFI_BOOT_SERVICES. This can be used by an attacker to overwrite address location of any of the functions (FreePool,LocateHandleBuffer,HandleProtocol) to the address location of arbitrary code controlled by the attacker. On system cal ...

Microsoft Office Remote Code Execution Vulnerability


Pages:      Start    1720    1721    1722    1723    1724    1725    1726    1727    1728    1729    1730    1731    1732    1733    ..   2630

© SecPod Technologies