CVE-2023-2316
Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via “typora://app/<absolute-path>”. This vulnerability...
Read MoreAuthor: Auto Poster
CVE-2023-2317
Posted by Auto Poster | Aug 22, 2023 | Linux |
DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading...
Read MoreCVE-2023-2318
Posted by Auto Poster | Aug 22, 2023 | Linux |
DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be...
Read MoreCVE-2023-3078
Posted by Auto Poster | Aug 22, 2023 | Microsoft |
CVE-2023-3078 Go to Source An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated...
Read MoreCritical Adobe ColdFusion Flaw Added to CISA’s Exploited Vulnerability Catalog
Posted by Auto Poster | Aug 21, 2023 | Adobe |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The...
Read MoreCategories
- Adobe
- Amazon
- Apple
- Breached website
- Cisco
- Crypto Currency
- Data Breaches
- Data Leak
- Firefox
- Hewlett-Packard
- Huawei
- IBM
- Intel
- IoT
- Kaspersky
- Lenovo
- Linux
- Malware
- McAfee
- Microsoft
- Misc
- Oracle
- Pending articles
- Security alerts
- Social Media
- SolarWinds
- Symantec
- T-Mobile
- UNIX
- VMware
- Web CMS
- Wireless
- Zoom