βΌ CVE-2023-26913 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_movie. php.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24537 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8762 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-0582 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8673 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1569 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument U_NAME with the input <script>alert('1')</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223561 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24459 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.π Read
via "National Vulnerability Database".
β Google Pixel phones had a serious data leakage bug β hereβs what to do! β
π Read
via "Naked Security".
What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?π Read
via "Naked Security".
Naked Security
Google Pixel phones had a serious data leakage bug β hereβs what to do!
What if the βsafeβ images you shared after carefully cropping themβ¦ had some or all of the βunsafeβ pixels left behind anyway?
β Windows 11 also vulnerable to βaCropalypseβ image data leakage β
π Read
via "Naked Security".
Turns out that the Windows 11 Snipping Tool has the same "aCropalypse" data leakage bug as Pixel phones. Here's how to work around the problem...π Read
via "Naked Security".
Naked Security
Windows 11 also vulnerable to βaCropalypseβ image data leakage
Turns out that the Windows 11 Snipping Tool has the same βaCropalypseβ data leakage bug as Pixel phones. Hereβs how to work around the problemβ¦
β€1π1
βΌ CVE-2023-22260 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22266 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22264 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22253 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22252 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22261 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22269 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22259 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21616 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25860 βΌ
π Read
via "National Vulnerability Database".
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22254 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25862 βΌ
π Read
via "National Vulnerability Database".
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".