Title: HTML tag injection in Signal-desktop
Date Published: 14-05-2018
CVE Name: CVE-2018-10994
Class: Code injection
Remotely Exploitable: Yes
Locally Exploitable: No
Vendors contacted: Signal.org
Vulnerability Description:
Signal-desktop is the standalone desktop version of the secure
SEC Consult Vulnerability Lab Security Advisory < 20180514-0 >
===
title: Arbitrary File Upload & Cross-site scripting
product: MyBiz MyProcureNet
vulnerable version: 5.0.0
fixed versio
Vulnerabilities in IBMs Flashsystems and Storwize Products
-
Introduction
Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem
900 and IBM Storwize V7000. These were discovered during a