Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
Oracle Database Protection Mechanism Bypass
13.12.2021
Moritz Bechler
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2024-10-08
CVE-2024-43585
Updating...
Code Integrity Guard Security Feature Bypass Vulnerability
2024-09-17
CVE-2024-46976
Updating...
Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability.
2024-09-10
CVE-2024-38217
Updating...
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38226
Updating...
Microsoft Publisher Security Feature Bypass Vulnerability
CVE-2024-43487
Updating...
Windows Mark of the Web Security Feature Bypass Vulnerability
2024-09-09
CVE-2024-45411
Updating...
Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0.
2024-08-13
CVE-2024-38180
Updating...
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2024-38213
Updating...
Windows Mark of the Web Security Feature Bypass Vulnerability
2024-07-15
CVE-2024-6741
Updating...
Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled.
2023-12-29
CVE-2023-4466
Updating...
A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be launched remotely. The vendor explains that they do not regard this as a vulnerability as this is a feature that they offer to their customers who have a variety of environmental needs that are met through different firmware builds. To avoid potential roll-back attacks, they remove vulnerable builds from the public servers as a remediation effort. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249259.
Copyright
2024
, cxsecurity.com
Back to Top