Tag: security

Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C.

Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.

sourcebans-pp (SourceBans++) 1.5.4.7 has XSS in admin.comms.php via the rebanid parameter.

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to inject arbitrary email headers.

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to obtain session information from users.

Cross-site scripting (XSS) vulnerability in “Schedule” function in Cybozu Office 9.0.0 through 10.4.0.

The “Project” function in Cybozu 9.0.0 through 10.4.0 allows remote authenticated users to read closed project information.

Cross-site scripting (XSS) vulnerability in the “Project” function in Cybozu Office 9.0.0 through 10.4.0.