CWE:
 

Tytuł
Data
Autor
Med.
Oracle Database Protection Mechanism Bypass
13.12.2021
Moritz Bechler


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-10-08
Waiting for details
CVE-2024-43585

Updating...
 

 
Code Integrity Guard Security Feature Bypass Vulnerability

 
2024-09-17
Waiting for details
CVE-2024-46976

Updating...
 

 
Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability.

 
2024-09-10
Waiting for details
CVE-2024-38217

Updating...
 

 
Windows Mark of the Web Security Feature Bypass Vulnerability

 
Waiting for details
CVE-2024-38226

Updating...
 

 
Microsoft Publisher Security Feature Bypass Vulnerability

 
Waiting for details
CVE-2024-43487

Updating...
 

 
Windows Mark of the Web Security Feature Bypass Vulnerability

 
2024-09-09
Waiting for details
CVE-2024-45411

Updating...
 

 
Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0.

 
2024-08-13
Waiting for details
CVE-2024-38180

Updating...
 

 
Windows SmartScreen Security Feature Bypass Vulnerability

 
Waiting for details
CVE-2024-38213

Updating...
 

 
Windows Mark of the Web Security Feature Bypass Vulnerability

 
2024-07-15
Waiting for details
CVE-2024-6741

Updating...
 

 
Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled.

 
2023-12-29
Waiting for details
CVE-2023-4466

Updating...
 

 
A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be launched remotely. The vendor explains that they do not regard this as a vulnerability as this is a feature that they offer to their customers who have a variety of environmental needs that are met through different firmware builds. To avoid potential roll-back attacks, they remove vulnerable builds from the public servers as a remediation effort. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249259.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top