CVE-2014-6413
A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11.8.3 via the poll_name parameter in the firewall/policy script.
Source: CVE-2014-6413
[월:] 2020년 02월
CVE-2014-7224
CVE-2014-7224
A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.
Source: CVE-2014-7224
CVE-2008-3793
CVE-2008-3793
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3792. Reason: This candidate is a duplicate of CVE-2008-3792. Notes: All CVE users should reference CVE-2008-3792 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Source: CVE-2008-3793
CVE-2010-4658
CVE-2010-4658
statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.
Source: CVE-2010-4658
CVE-2020-8126
CVE-2020-8126
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don’t fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15).
Source: CVE-2020-8126
CVE-2019-16155
CVE-2019-16155
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more, FortiClient for Linux 6.2.2 and below allow low privilege user write the system backup file under root privilege through GUI thus can cause root system file overwrite.
Source: CVE-2019-16155
CVE-2019-15606
CVE-2019-15606
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons
Source: CVE-2019-15606
CVE-2019-15605
CVE-2019-15605
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
Source: CVE-2019-15605
CVE-2014-9530
CVE-2014-9530
A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact.
Source: CVE-2014-9530
CVE-2019-15604
CVE-2019-15604
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate
Source: CVE-2019-15604