Advisories


#7

Title: CVE-2021-43908 - VSCode Remote Code Execution

Application: VSCode
Impact: Critical

Link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43908

#6

Title: Rocket.Chat Client-side Remote Code Execution

Application: Rocket.Chat Desktop App
Impact: Critical

Link: https://ssd-disclosure.com/ssd-advisory-rocket-chat-client-side-remote-code-execution/

#5

Title: Discord Desktop RCE

Application: Discord
Impact: Critical

Link: TBD

#4

Title: Elastic Swift Type Prototype pollution and XSS

Application: Swiftype

Impact: High

Link: https://hackerone.com/reports/998398


#3

Title: XSLeak: User gesture requirement bypass of the scroll to text fragment in iframes

Application: Google Chrome

Impact: Low

Link: https://bugs.chromium.org/p/chromium/issues/detail?id=1214792


#2

Title: Prototype Pollution to XSS in Cloud9 core

Application: Cloud9

Impact: Medium

Link: TBD


#1

Title: CVE-2021-41097 - Prototype Pollution in Aurelia Path

Application: Aurelia Library

Impact: Medium

Link: https://github.com/advisories/GHSA-3c9c-2p65-qvwv


#0

Title: Google Cloud and Azure JupyterLab RCE

Application: JupyterLab

Impact: High

Link: https://blog.s1r1us.ninja/research/cookie-tossing-to-rce-on-google-cloud-jupyter-notebooks