CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7000 – Avaya Aura Conferencing XSS
https://notcve.org/view.php?id=CVE-2019-7000
31 Jul 2019 — A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencing include all 8.x versions prior to 8.0 SP14 (8.0.14). Prior versions not listed were not evaluated. Una vulnerabilidad Cross-Site Scripting (XSS) en la Web UI de Avaya Aura Conferencing podría permitir un código de ejecución y potencialmente revelar información confidencial. Versiones afectadas de Avaya Aura c... • https://downloads.avaya.com/css/P8/documents/101060208 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 104EXPL: 0CVE-2016-5285 – nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash
https://notcve.org/view.php?id=CVE-2016-5285
16 Nov 2016 — A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. Existe una vulnerabilidad de desreferencia de puntero nulo en Mozilla Network Security Services debido a una falta de verificación NULL en PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, lo que podría permitir que un usuario malintencionado remoto cause una Deneg... • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html • CWE-476: NULL Pointer Dereference •