Bugsink vulnerable to unauthenticated remote DoS via crafted Brotli input

bugsink bugsink

Parse Server allows public `explain` queries which may expose sensitive database performance information and schema details

parse-community parse-server

ProsemirrorToHtml: Cross-Site Scripting vulnerability through unescaped HTML attribute values

etaminstudio prosemirror_to_html

OAuth2-Proxy vulnerable to header smuggling via underscore, leading to potential privilege escalation

oauth2-proxy oauth2-proxy

OpenEXR has use after free in PyObject_StealAttrString

AcademySoftwareFoundation openexr AcademySoftwareFoundation openexr +2个

OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel()

AcademySoftwareFoundation openexr AcademySoftwareFoundation openexr +2个

OpenEXR Makes Use of Uninitialized Memory

AcademySoftwareFoundation openexr AcademySoftwareFoundation openexr +1个

changedetection.io vulnerable to stored XSS in Watch update via API

dgtlmoon changedetection.io changedetection changedetection

Combodo iTop vulnerable to reflected XSS in webservices/export.php

Combodo iTop Combodo iTop +1个

iTop admin can drop iTop database using webhooks

Combodo iTop Combodo iTop +1个

Combodo iTop vulnerable to IDOR with ModuleInstallation object

Combodo iTop combodo itop

Combodo iTop vulnerable to reflected XSS via objection edition form error

Combodo iTop Combodo iTop +1个

Combodo iTop has stored XSS in user portal's browse brick

Combodo iTop combodo itop

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed ...

Google Chrome google chrome

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed ...

Google Chrome google chrome

Google Chrome 安全漏洞

Google Chrome google chrome

Google Chrome 安全漏洞

Google Chrome google chrome

Google Chrome 安全漏洞

Google Chrome google chrome

Microsoft Edge 安全漏洞

Google Chrome google chrome

Microsoft Edge 安全漏洞

Google Chrome google chrome