Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, EX6100v2 before 1.0.1.50, EX6150v2 before 1.0.1.50, EX6200v2 before 1.0.1.44, EX6400 before 1.0.1.60, EX7300 before 1.0.1.60, R6100 before...
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R6400v2 before 1.0.2.34, R6700 before 1.0.1.30, R6900 before 1.0.1.30, R6900P before 1.0.0.62, R7000 before 1.0.9.12, R7000P before...
IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace on certain API requests which can allow an attacker further information about the implementation of the offering. IBM X-Force ID: 173311. Date published...
IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force...
A remote access to sensitive data vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Date published : 2020-04-24 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03947en_us
A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. Date published : 2020-04-24 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03947en_us
This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the...
A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user’s profile directory. One exploitation vector for this...
When following a link that opened an URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. *Note: This issue only affects Firefox for Android....
Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some...
Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume...
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private...
A malicious extension could have called browser.identity.launchWebAuthFlow, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user’s account at the service provider. This vulnerability affects Firefox...
On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to...