Lucene search
+L

155 matches found

UbuntuCve
UbuntuCve
added 2023/04/12 12:0 a.m.29 views

CVE-2023-29550

Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR...

8.8CVSS7.1AI score0.00702EPSS
Exploits0References7
OSV
OSV
added 2023/04/12 12:0 a.m.9 views

UBUNTU-CVE-2023-29547

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for...

6.5CVSS6.9AI score0.00469EPSS
Exploits0References4
NCSC
NCSC
added 2023/04/12 12:0 a.m.4 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Spoofi...

9.8CVSS7.6AI score0.00974EPSS
Exploits0
OSV
OSV
added 2023/04/12 12:0 a.m.8 views

UBUNTU-CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

6.5CVSS6.8AI score0.00327EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/04/12 12:0 a.m.16 views

Mozilla Firefox Security Advisory (MFSA2023-13) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS8.4AI score0.00952EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/04/05 1:49 a.m.4 views

SUSE CVE-2023-1817

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS8.6AI score0.00974EPSS
Exploits0References4
OSV
OSV
added 2023/04/04 10:15 p.m.1 views

DEBIAN-CVE-2023-1817

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.6AI score0.00974EPSS
Exploits0References1
OSV
OSV
added 2023/04/04 10:15 p.m.1 views

DEBIAN-CVE-2023-1819

Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.9AI score0.0088EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.112 views

Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-112)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-112 advisory. Possible remote code execution vulnerability in the ClamAV HFS+ file parser. The issue affects ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. CVE-2023-20032 A...

9.8CVSS8.5AI score0.29314EPSS
Exploits5References6
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.26 views

Debian: Security Advisory (DLA-112-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.7AI score0.65683EPSS
Exploits0References2
OSV
OSV
added 2022/10/20 12:15 p.m.7 views

CVE-2022-31366

An arbitrary file upload vulnerability in the apiImportLabs function in apilabs.php of EVE-NG 2.0.3-112 Community allows attackers to execute arbitrary code via a crafted UNL file...

7.2CVSS6.1AI score0.01056EPSS
Exploits1References2
NVD
NVD
added 2022/10/20 12:15 p.m.20 views

CVE-2022-31366

An arbitrary file upload vulnerability in the apiImportLabs function in apilabs.php of EVE-NG 2.0.3-112 Community allows attackers to execute arbitrary code via a crafted UNL file...

7.2CVSS0.01056EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/20 12:0 a.m.7 views

PT-2022-20718 · Eve-Ng · Eve-Ng

Name of the Vulnerable Software and Affected Versions: EVE-NG version 2.0.3-112 Community Description: The issue is related to an arbitrary file upload vulnerability in the apiImportLabs function within api labs.php. This vulnerability allows attackers to execute arbitrary code by uploading a...

7.2CVSS7.3AI score0.01056EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2022/09/05 6:19 p.m.13 views

adoubleplustour.com Cross Site Scripting vulnerability OBB-2891649

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-112-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.04016EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.5 views

Eve-NG Professional 和 Eve-NG Community 操作系统命令注入漏洞

Eve-NG Professional is a clientless multi-vendor network emulation software. A security vulnerability exists in Eve-NG Professional version 4.0.1-65 and earlier, Eve-NG Community version 2.0.3-112 and earlier, which stems from a command injection vulnerability in the operating system in the...

9CVSS8.1AI score0.02486EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.5 views

Slackware: Security Advisory (SSA:2017-112-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
The Hacker News
The Hacker News
added 2021/01/05 11:2 a.m.5 views

Healthcare Industry Witnessed 45% Spike in Cyber Attacks Since Nov 20

Cyberattacks targeting healthcare organizations have spiked by 45% since November 2020 as COVID-19 cases continue to increase globally. According to a new report published by Check Point Research today and shared with The Hacker News, this increase has made the sector the most targeted industry b...

6.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2020/11/11 1:3 a.m.224 views

Patch Tuesday - November 2020

Jumping right back to a triple digit volume of vulnerabilities resolved, Microsoft covers 112 CVEs this November affecting products ranging from our standard Windows Operating Systems and Microsoft Office products to some new entries such as Azure Sphere. Microsoft CVE-2020-17087: Windows Kernel...

10CVSS0.3AI score0.09857EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2020/04/30 9:25 p.m.9 views

jogalo.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1153695 Security Researcher DkilerS2 Helped patch 112 vulnerabilities Received 4 Coordinated Disclosure badges Received 8 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting jogalo.com website and its...

0.2AI score
Exploits0
Rows per page
Query Builder