CVE-2023-3620

Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarteaucitron.js prior to v1.13.1.

Publication date: Tue, 11 Jul 2023 20:15:00 +0000

Cyber News related to CVE-2023-3620

Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
8 months ago Tenable.com

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
1 year ago Microsoft.com

CVE-2023-3620 - Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarteaucitron.js prior to v1.13.1. ...
1 year ago

Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
10 months ago Securelist.com

CVE-2010-3629 - Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620. Per: ...
6 years ago

CVE-2007-5024 - EMC VMware Server before 1.0.4 Build 56528 writes passwords in cleartext to unspecified log files, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2005-3620. ...
16 years ago

CVE-2010-3620 - Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629. ...
6 years ago

CVE-2011-3620 - Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote attackers to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username. ...
12 years ago

CVE-2012-3620 - WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...
12 years ago

CVE-2007-3620 - Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to ...
12 years ago

CVE-2016-3620 - The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. ...
7 years ago

CVE-2008-6186 - Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via long (1) CWD and (2) MLST commands. ...
7 years ago

CVE-2015-3620 - Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 through 5.0.10 and 5.2.0 through 5.2.1 and FortiManager 5.0.3 through 5.0.10 and 5.2.0 through 5.2.1 allows remote attackers to inject ...
6 years ago

CVE-2006-3620 - Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter. ...
6 years ago

CVE-2005-3620 - The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local ...
6 years ago

CVE-2017-3620 - Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily "exploitable" vulnerability allows low privileged attacker with ...
5 years ago

CVE-2017-7928 - An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control ...
5 years ago

CVE-2013-3620 - Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generation motherboards before SMT X8 312. ...
5 years ago

CVE-2018-3620 - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel ...
4 years ago

CVE-2020-3620 - u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon ...
4 years ago

CVE-2014-3620 - cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain. ...
2 years ago

CVE-2022-3620 - A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The ...
2 years ago

CVE-2021-3620 - A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to ...
2 years ago

CVE-2009-3620 - The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system ...
1 year ago

Latest Cyber News

How Public & Private Sectors Can Better Align Cyber Defense - 11 minutes ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 36 minutes ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 1 hour ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 2 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 2 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 3 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 3 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 4 hours ago
APT43 Hackers Attacking Academic Institutions With Exposed Credentials - 5 hours ago
An Italian journalist speaks about being targeted with Paragon spyware | The Record from Recorded Future News - 5 hours ago
CVE-2025-25901 - 5 hours ago
CVE-2025-24904 - 5 hours ago
CVE-2025-25355 - 5 hours ago
CVE-2024-12011 - 5 hours ago
ANYRUN Safebrowsing Extension - Analyse Any Malicious URL for Free - 6 hours ago
CVE-2025-0426 - 6 hours ago
Munich Cyber Security and Security Conferences 2025 [Live Updates] | The Record from Recorded Future News - 7 hours ago
Chinese espionage tools deployed in RA World ransomware attack - 7 hours ago
CVE-2025-26580 - 7 hours ago
CVE-2025-26582 - 7 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 36 minutes ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 1 hour ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 2 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 2 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 3 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 3 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 4 hours ago
CVE-2025-0995 - 1 day ago
CVE-2025-0996 - 1 day ago
CVE-2025-0997 - 1 day ago
CVE-2025-0998 - 1 day ago
CVE-2025-24528 - 1 day ago
CVE-2024-11343 - 1 day ago
CVE-2024-12629 - 1 day ago
CVE-2024-9870 - 1 day ago
CVE-2025-0332 - 1 day ago
CVE-2025-0516 - 1 day ago
CVE-2025-1208 - 1 day ago
CVE-2025-25349 - 1 day ago
CVE-2025-25351 - 1 day ago