Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... Result(s) : 173488

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2020-08-10 CVE-2020-15658 cve The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading t...
N/A 2020-08-10 CVE-2020-15657 cve Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation...
N/A 2020-08-10 CVE-2020-15656 cve JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in t...
N/A 2020-08-10 CVE-2020-15655 cve A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. T...
N/A 2020-08-10 CVE-2020-15654 cve When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could le...
N/A 2020-08-10 CVE-2020-15653 cve An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configur...
N/A 2020-08-10 CVE-2020-15652 cve By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed...
4.3 2020-08-10 CVE-2020-15651 cve A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability...
5.5 2020-08-10 CVE-2020-15650 cve Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *N...
5.5 2020-08-10 CVE-2020-15649 cve Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: Thi...
6.5 2020-08-10 CVE-2020-15648 cve Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 7...
7.4 2020-08-10 CVE-2020-15647 cve A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies f...
N/A 2020-08-10 CVE-2020-9529 cve Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege e...
N/A 2020-08-10 CVE-2020-9528 cve Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic...
N/A 2020-08-10 CVE-2020-9527 cve Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devi...
N/A 2020-08-10 CVE-2020-9526 cve CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the net...
N/A 2020-08-10 CVE-2020-9525 cve CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle a...
5.5 2020-08-10 CVE-2020-8229 cve A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.
7.8 2020-08-10 CVE-2020-8224 cve A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
8.8 2020-08-10 CVE-2020-6145 cve An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacke...
Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... Result(s) : 173488