[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

137225

 
 

909

 
 

112105

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 2222 Download | Alert*

A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.

A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby ...

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux ...

Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9 ...

Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

The host is missing a high severity security update according to Google advisory. The update is required to fix a use-after-free vulnerability. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact.

The host is missing a high severity security update according to Google advisory. The update is required to fix a use-after-free vulnerability. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact.

The host is installed with Google Chrome before 79.0.3945.88 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

The host is installed with Google Chrome before 79.0.3945.88 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   222

© SecPod Technologies