afian — filerun FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman&section=do&page=up URI. 2019-06-20 4.3 CVE-2019-12905MISC alpinelinux — abuild Alpine Linux abuild through 3.4.0 allows an unprivileged member of…

3s-smart — multiple_codesys_products 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference. 2019-12-20 not…

oracle — graalvm_enterprise_edition Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows…

adam_ross — tokenauth The Token Authentication (tokenauth) module 6.x-1.x before 6.x-1.7 for Drupal does not properly revert user sessions, which might allow remote attackers to perform requests with extra privileges.…

PrimaryVendor — Product Description Discovered Published CVSS Score Source & Patch Info Adobe — PhotoshopAdobe — Photoshop Elements Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0,…

apprain — apprain Cross-site scripting (XSS) vulnerability in the Search module (quickstart/search) in appRain CMF 0.1.5 allows remote attackers to inject arbitrary web script or HTML via the ss parameter.…

PrimaryVendor — Product Description Discovered Published CVSS Score Source & Patch Info Apache Software Foundation — Apache HTTP Server Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the…

apple — mac_os_x Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted…