Severity Medium Analysis Summary CVE-2020-12387  A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable […]

Severity High Analysis Summary CVE-2020-12397 By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. […]

Severity High Analysis Summary Multiple security issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities can be exploited by malicious actors to […]

Severity Medium Analysis Summary The vulnerability exists because after an affected device handles a disassociation event it could send a limited number of Wi-Fi frames encrypted […]

Severity Medium Analysis Summary A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning […]

Severity High Analysis Summary A Stored Cross-Site Scripting (XSS) vulnerability in VMware ESXi exists. The VMware ESXi Host Client does not properly neutralize script-related HTML when […]

Severity High Analysis Summary The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability […]

Severity High Analysis Summary The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted […]