Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.
An XSS issue exists in the question-pool file-upload preview feature in ILIAS 6.4.
The server in Dundas BI through 22.214.171.1241 allows XSS via addition of a Component (e.g., a button) when events such as click, hover, etc. occur.
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user.
The server in Dundas BI through 126.96.36.1991 allows XSS via an HTML label when creating or editing a dashboard.
The Intel Support Assistant is the latest Windows utility to be found that could expose millions of computers to privilege-escalation attacks through file manipulation and symbolic links.
Zscaler says attacks involving the use of SSL/TLS encryption jumped 260% in the first nine months of 2020 compared to the same period last year.
The vulnerabilities in a common line of programmable logic controllers could allow attackers to gain control of industrial equipment.
In getPermissionInfosForGroup of Utils.java, there is a logic error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-153879813