Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
Oracle Database Protection Mechanism Bypass
13.12.2021
Moritz Bechler
CVEMAP Search Results
CVE
Details
Description
2024-10-08
CVE-2024-43585
Updating...
Code Integrity Guard Security Feature Bypass Vulnerability
2024-09-17
CVE-2024-46976
Updating...
Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability.
2024-09-10
CVE-2024-38217
Updating...
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38226
Updating...
Microsoft Publisher Security Feature Bypass Vulnerability
CVE-2024-43487
Updating...
Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-09
CVE-2024-45411
Updating...
Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0.
2024-08-13
CVE-2024-38180
Updating...
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2024-38213
Updating...
Windows Mark of the Web Security Feature Bypass Vulnerability
2024-07-15
CVE-2024-6741
Updating...
Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled.
2023-12-29
CVE-2023-4466
Updating...
A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be launched remotely. The vendor explains that they do not regard this as a vulnerability as this is a feature that they offer to their customers who have a variety of environmental needs that are met through different firmware builds. To avoid potential roll-back attacks, they remove vulnerable builds from the public servers as a remediation effort. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249259.
Copyright
2024
, cxsecurity.com
Back to Top