CVE-2017-12842
Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing...
Bitcoin Core before 0.14 allows an attacker to create an ostensibly valid SPV proof for a payment to a victim who uses an SPV wallet, even if that payment did not actually occur. Completing...
Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts. Date published : 2020-03-16 https://sysdream.com/news/lab/ https://sysdream.com/news/lab/2019-10-25-cve-2018-13063-easy-appointments-multiple-confidential-information-leakage/
Easy!Appointments 1.3.0 has a Guessable CAPTCHA issue. Date published : 2020-03-16 https://sysdream.com/news/lab/ https://sysdream.com/news/lab/2019-10-25-cve-2018-13060-easy-appointments-captcha-bypass/
Contao before 4.5.7 has XSS in the system log. Date published : 2020-03-16 https://contao.org/en/security-advisories/cross-site-scripting-in-the-system-log.html
For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware...
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. Date...
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue...
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force...
IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be...
cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account suspensions (SEC-508). Date published : 2020-03-16 https://documentation.cpanel.net/display/CL/82+Change+Log
The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an...
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG...
Oxygen XML Editor 21.1.1 allows XXE to read any file. Date published : 2020-03-16 https://medium.com/@Pablo0xSantiago/cve-2019-20191-oxygen-xml-editor-21-1-1-allows-xxe-216b816f312b
The EditApplinkServlet resource in the Atlassian Application Links plugin before version 5.4.20, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.1, and from version 7.1.0...