| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the orderby parameter. |
| The PieChart gadget in Atlassian Jira before version 7.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a project or filter. |
| The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability. |
| It was possible for double OGNL evaluation in certain redirect action and in WebWork URL and Anchor tags in JSP files to occur. An attacker who can access the web interface of Fisheye or Crucible or who hosts a website that a user who can access the web interface of Fisheye or Crucible visits, is able to exploit this vulnerability to execute Java code of their choice on systems that run a vulnerable version of Fisheye or Crucible. All versions of Fisheye and Crucible before 4.4.5 (the fixed version for 4.4.x) and from 4.5.0 before 4.5.2 (the fixed version for 4.5.x) are affected by this vulnerability. |
| The invalidRedirectUrl template in Atlassian Application Links before version 5.2.7, from version 5.3.0 before version 5.3.4 and from version 5.4.0 before version 5.4.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the redirectUrl parameter link in the redirect warning message. |
| The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter. |
| The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 allowed an attacker to impersonate a Crowd user in REST requests by being able to authenticate to a directory bound to an application using the feature. Given the following situation: the Crowd application is bound to directory 1 and has a user called admin and the Google Apps application is bound to directory 2, which also has a user called admin, it was possible to authenticate REST requests using the credentials of the user coming from directory 2 and impersonate the user from directory 1. |
| Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed. |
| The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true" in AndroidManifest.xml, which allows attackers to obtain sensitive cleartext information via an "adb backup '-f smart.calculator.gallerylock'" command. |
| The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions. |
| A Directory Traversal issue was discovered in the Foxit MobilePDF app before 6.1 for iOS. This occurs by abusing the URL + escape character during a Wi-Fi transfer, which could be exploited by attackers to bypass intended restrictions on local application files. |
| A denial-of-service issue was discovered in the Foxit MobilePDF app before 6.1 for iOS. This occurs when a user uploads a file that includes a hexadecimal Unicode character in the "filename" parameter via Wi-Fi, since the app could fail to parse this. |
| An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a "FileType" is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, "file:///etc/passwd"). If the application did not perform any additional checks about the value submitted to the "FileType", the contents of the given file on the server could have been exposed to the attacker. |
| An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz). |
| Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors. |
| Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode. |
| Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter. |
| Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter. |
| File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to obtain other user's sensitive files via the filename parameter. |
| Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadata from password-protected photographs via the map viewer mode. |
