[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 247237 Download | Alert*

GitLab 10.7 and later through 12.7.2 has Incorrect Access Control.

GitLab EE 8.9 and later through 12.7.2 has Insecure Permission

A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3.2.2. On older versions, however, under specific circumstances, it could be possible to steal the session identifier and gai ...

Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.

Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event.

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.

Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app.

A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation.

A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer.

A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received.


Pages:      Start    11562    11563    11564    11565    11566    11567    11568    11569    11570    11571    11572    11573    11574    11575    ..   24723

© SecPod Technologies