All Vulnerabilities

Microsoft Internet Explorer and Microsoft Edge have an information disclosure vulnerability which discloses the contents of its memory. An attacker could use the vulnerability to gain information about the system that could be combined with other attacks to compromise the system.

Microsoft Edge Scripting Engine is prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.

An information disclosure vulnerability exists in Microsoft Edge Scripting Engine when dealing with different object types. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a SQL injection vulnerability that allows remote authenticated users to gain MDSYS privileges via the MDSYS.SDO_TOPO_DROP_FTBL trigger.

SQL injection vulnerability exists in Huge-IT Video Gallery Extension. The vulnerability could allow a remote user to perform SQL injection attacks potentially allowing them access to database content and a target website can be compromised.

A reflected Cross Site Scripting (XSS) vulnerability has been found in the Huge-IT Video Gallery Joomla Extension. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the page with injected code.

SQL injection vulnerability exists in Huge-IT Slideshow Extension. The vulnerability could allow a remote user to perform SQL injection attacks potentially allowing them access to database content and a target website can be compromised.

A Cross Site Scripting (XSS) vulnerability has been found in the Huge-IT Joomla Extension. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the page with injected code.

Reflected Cross Site Scripting (XSS) and SQL Injection vulnerabilities have been found in the Huge-IT catalog extension for Joomla. Successful exploitation of these vulnerabilities could allow an attacker to compromise the target website.

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving OpenID Connect clients.