Show filters
96 topics marked with the following tags:
Displaying 31-40 of 96
Requires user interaction
Sort by:
Attacker Value
Very Low

CVE-2020-1094

Disclosure Date: April 15, 2020 (last updated October 06, 2023)
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
1
Attacker Value
Moderate

CVE-2021-35501

Disclosure Date: June 25, 2021 (last updated October 07, 2023)
PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
1
1
Attacker Value
High

CVE-2023-35636

Disclosure Date: December 12, 2023 (last updated December 15, 2023)
Microsoft Outlook Information Disclosure Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
2
1
Attacker Value
Moderate

CVE-2021-38603

Disclosure Date: August 12, 2021 (last updated October 07, 2023)
PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
1
1
Attacker Value
Low

CVE-2021-38406

Disclosure Date: September 09, 2021 (last updated October 07, 2023)
Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
3
1
Attacker Value
Very Low

CVE-2020-5261

Disclosure Date: March 25, 2020 (last updated October 06, 2023)
Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 is not affected. It has a correct Token Replay Implementation and is safe to use. Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 have a faulty implementation of Token Replay Detection. Token Replay Detection is an important defense measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 and prior versions are not affected. These versions have a correct Token Replay Implementation and are safe to use.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
1
Attacker Value
High

CVE-2022-21840

Disclosure Date: January 11, 2022 (last updated December 21, 2023)
Microsoft Office Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
1
1
Attacker Value
High

CVE-2023-24935

Disclosure Date: April 11, 2023 (last updated October 08, 2023)
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
2
1
Attacker Value
High

CVE-2023-33131

Disclosure Date: June 14, 2023 (last updated October 08, 2023)
Microsoft Outlook Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
2
1
Attacker Value
Very Low

CVE-2020-5308

Disclosure Date: January 07, 2020 (last updated November 15, 2023)
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName parameter in add-product.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
1
View More Topics  < Previous  Next >