Author: Cyberthreat Blog

CVE-2017-8920

Posted by Cyberthreat Blog | Jun 6, 2017 | CVE Notifications |

irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.

CVE-2017-9452

Posted by Cyberthreat Blog | Jun 6, 2017 | CVE Notifications |

Cross-site scripting (XSS) vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.

CVE-2017-5243

Posted by Cyberthreat Blog | Jun 6, 2017 | CVE Notifications |

The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. As a result, it falls back to allowing ALL...

CVE-2015-9007

Posted by Cyberthreat Blog | Jun 6, 2017 | CVE Notifications |

In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.

CVE-2014-9946

Posted by Cyberthreat Blog | Jun 6, 2017 | CVE Notifications |

In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.

1
…
27,507
27,508
27,509
…
28,062