flag content vulnerabilities and exploits

(subscribe to this query)

The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook prior to 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote malicious users to obtain cleartext contents of e-mail messages that were intended to be enc...

Cisco Ironport Desktop Flag Plugin For Outlook 6.2.4.3 Cisco Ironport Desktop Flag Plugin For Outlook

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive informatio...

Ddsn Cm3 Acora Content Management System 6.0.2\\/1a Ddsn Cm3 Acora Content Management System 5.5.7\\/12b Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1 Ddsn Cm3 Acora Content Management System 6.0.6\\/1a

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmis...

Ddsn Cm3 Acora Content Management System 6.0.6\\/1a Ddsn Cm3 Acora Content Management System 5.5.7\\/12b Ddsn Cm3 Acora Content Management System 6.0.2\\/1a Ddsn Cm3 Acora Content Management System 5.5.0\\/1b-p1

A vulnerability in the Protection Against Distributed Denial of Service Attacks feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to conduct denial of service (DoS) attacks to or through the affected device. This vulnerability is due to incorr...

Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote malicious users to bypass intended access restrictions by sending packets that should have been recog...

Cisco Ios 12.2\\(33\\)sxj9

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

Apple Iphone Os Apple Tvos Apple Watchos Apple Safari Apple Icloud Apple Itunes Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

1 EDB exploit

Cross-site scripting (XSS) vulnerability in the Flag Content module 5.x-2.x prior to 5.x-2.10 for Drupal allows remote malicious users to inject arbitrary web script or HTML via the Reason parameter.

Khalid Baheyeldin Flag Content 5.x-2.5 Khalid Baheyeldin Flag Content 5.x-2.6 Khalid Baheyeldin Flag Content 5.x-2.7 Khalid Baheyeldin Flag Content 5.x-2.8 Khalid Baheyeldin Flag Content 5.x-2.2 Khalid Baheyeldin Flag Content 5.x-2.4 Khalid Baheyeldin Flag Content 5.x-2.0 Khalid Baheyeldin Flag Content 5.x-2.1 Khalid Baheyeldin Flag Content 5.x-2.9 Khalid Baheyeldin Flag Content 5.x-2.x-dev

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78...

Mozilla Thunderbird Mozilla Firefox Esr Mozilla Firefox Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 20.04 Canonical Ubuntu Linux 16.04

The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access ...

Google Android 12.0 Google Android 13.0

The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had acc...

Google Android 12.0 Google Android 13.0

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook