Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.
Publication date: Tue, 07 Mar 2023 14:15:00 +0000
Cyber News related to CVE-2023-1238
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
11 months ago Cisa.gov
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
5 months ago Tenable.com
CVE-2023-1238 - Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6. ...
1 year ago
CVE-2023-52797 - In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Check find_first_bit() return value We must check the return value of find_first_bit() before using the return value as an index array since it happens to overflow the ...
6 months ago Tenable.com
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
8 months ago Securelist.com
CVE-2019-1238 - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1239. ...
4 years ago
CVE-2019-1239 - A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1238. ...
4 years ago
CVE-2020-1238 - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1239. ...
3 years ago
CVE-2020-1239 - A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238. ...
3 years ago
CVE-2003-1238 - Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. ...
16 years ago
CVE-2010-1238 - MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values. ...
11 months ago
CVE-2005-1238 - By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request. ...
7 years ago
CVE-2009-1238 - Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS ...
7 years ago
CVE-1999-1238 - Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges. ...
6 years ago
CVE-2014-1664 - The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file. ...
6 years ago
CVE-2007-1238 - Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file. ...
6 years ago
CVE-2006-1238 - SQL injection vulnerability in DSLogin 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the $log_userid variable in (1) index.php and (2) admin/index.php. Successful ...
6 years ago
CVE-2001-1238 - Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that ...
5 years ago
CVE-2017-1238 - IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...
5 years ago
CVE-2014-1238 - Cross-site scripting (XSS) vulnerability in ui/common/managedlistdialog.aspx in Gael Q-Pulse 0.6 and earlier. ...
4 years ago
CVE-2018-1238 - Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA). This component is used for central management of ScaleIO deployment and uses shell commands for certain actions. A remote ...
4 years ago
CVE-2011-1238 - Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local ...
4 years ago
CVE-2012-1238 - Session fixation vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack web sessions via unspecified vectors. Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation' ...
12 years ago
CVE-2015-1238 - Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. ...
7 years ago