| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165. |
| Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors. |
| Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting |
| A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22. |
| Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure |
| Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol |
| Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input |
| Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness |
| Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness |
| Cryptocat before 2.0.22 has Remote Denial of Service via username |
| Varnish HTTP cache before 3.0.4: ACL bug |
| Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism. |
| IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. |
| IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138. |
| Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass |
| Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call. |
| Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header. |
| The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag. |
| Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag. |
| Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability |
