By Risk Score
By Publish Date
By Recent Activity
cve-2020-13671 vulnerabilities and exploits
(subscribe to this query)
** DISPUTED ** Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit. Note: It has been argued that this is not reproducible. "The original issue was that the task would be created and an alert would be...
Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the...
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior...
2 Articles available
In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts....
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free versions prior to 1.0.17....
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 188.8.131.52....
5 Github repositories available
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 184.108.40.206 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 220.127.116.11, allows an attacker to load an arbitrary DLL file from the search path....
5 Articles available
In the Voatz application 2020-01-01 for Android, the amount of data transmitted during a single voter's vote depends on the different lengths of the metadata across the available voting choices, which makes it easier for remote attackers to discover this voter's choice...
An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack....
app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation....