StarWind SAN and NAS v0.2 build 1914 allow remote code execution.Read More ...
Continue ReadingJune 03, 2022
qDecoder before 12.1.0 does not ensure that the percent character is followed by two hex digits for URL decoding.Read More ...
Continue ReadingJune 03, 2022
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.Read More ...
Continue ReadingJune 03, 2022
Cross-site Scripting (XSS) - Generic in GitHub repository neorazorx/facturascripts prior to 2022.09.Read More ...
Continue ReadingJune 03, 2022
In Real Player 20.0.8.310, there is a DCP:// URI Remote Arbitrary Code Execution Vulnerability. This is an internal URL Protocol used by Real Player to reference a file that contains an URL. It is pos ...
Continue ReadingJune 03, 2022
In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to pl ...
Continue ReadingJune 03, 2022
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.Read More ...
Continue ReadingJune 03, 2022
Following the coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147]()** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...
Continue ReadingJune 03, 2022
Back to Main