Microsoft Edge has an issue where NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler…
>> ARCHIVE: 2019-01
Check Point ZoneAlarm version 8.8.1.110 suffers from a local privilege escalation vulnerability.
In Microsoft Edge, the JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode method is used to execute JsBuiltIn.js which initializes some builtin objects. Because it is essentially written in JavaScript, it needs to clear the disable-implicit-call flag…
Joomla ZHYandexMap component version 8.0.0.2 suffers from a database disclosure vulnerability.
Joomla YoutubeGallery component version 4.5.8 suffers from database disclosure and remote SQL injection vulnerabilities.
Oracle Reports Developer component version 12.2.1.3 suffers from a cross site scripting vulnerability.
Siemens SICAM A8000 Series suffers from an XML injection denial of service vulnerability.
Mozilla Firefox versions 64 and below have an issue where an overly liberal same-origin policy for file URIs and a bug in the implementation of this policy make Firefox vulnerable…
Microsoft Edge suffers from a Chakra related type confusion vulnerability in InlineArrayPush.
Spotify version 1.0.96.181 suffers from a proxy configuration denial of service vulnerability.