| Date |
Product |
Vulnerabilty Type |
Details |
|
08/2024
|
Collabora Office for Android
|
Improper Neutralization of Encoded URI Schemes in a Web Page (CWE‑84)
|
Post
|
|
08/2024
|
Moodle
|
Cross‑site Scripting (CWE‑79)
|
Post
|
|
05/2024
|
Certain HP LaserJet Pro Printers
|
(Possible) Exposure of Sensitive Information to an Unauthorized Actor (CWE‑200)
|
Post
|
|
03/2024
|
Airmail - Your Mail With You, Airmail for Business
|
Improper Neutralization of Input During Web Page Generation / "Cross‑site Scripting") (CWE‑79), Insecure Storage of Sensitive Information (CWE‑922)
|
Post
|
|
03/2024
|
Apple iOS/iPadOS, macOS and more
|
Improper Input Validation (CWE‑20)
|
Post
|
| Date |
Product |
Vulnerabilty Type |
Details |
|
10/2020
|
Wire AVS as used in Wire Secure Messenger
|
Use of Externally‑Controlled Format String (CWE‑134)
|
Post
|
|
07/2020
|
IBM Maximo Asset Management
|
Improper Restriction of XML External Entity Reference (CWE‑611)
|
Post
|
|
07/2020
|
Apple iOS, macOS
|
Heap‑based Buffer Overflow (CWE‑122)
|
Post
|
|
06/2020
|
Teamwire (Android)
|
Missing Authentication for Critical Function (CWE‑306)
|
Post
|
|
05/2020
|
Ilias
|
Improper Control of Filename for Include/Require Statement in PHP Program (CWE‑98), Exposure of Sensitive Information to an Unauthorized Actor (CWE‑200)
|
Post
|
|
03/2020
|
Fortinet FortiClient
|
Unquoted Search Path or Element (CWE‑428)
|
Post
|
|
01/2020
|
Juniper Networks Junos Space
|
External Control of File Name or Path (CWE‑73)
|
Post
|
@DTCERT