23 matches found

Patchstack
added 2025/12/18 10:17 p.m. | 5 views

WordPress Colibri Page Builder plugin <= 1.0.345 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin Colibri Page Builder versions <= 1.0.345...

CVSS 6.4 | AI score 5.3 | EPSS 0.00275
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2024/12/04 2:40 a.m. | 12 views

CVE-2024-11747 Responsive Videos <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Responsive Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'somryv' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVSS 6.4 | EPSS 0.00317
Exploits 0 | References 3
OpenVAS
added 2024/05/11 12:0 a.m. | 16 views

openSUSE Security Advisory (openSUSE-SU-2024:0119-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.9 | EPSS 0.63076
Exploits 3 | References 6
OPENSUSE Linux
added 2024/05/10 12:0 a.m. | 4 views

Security update for tinyproxy (important)

openSUSE Security Update: Security update for tinyproxy Announcement ID: openSUSE-SU-2024:0119-1 Rating: important References: 1200028 1203553 1223743 1223746 Cross-References: CVE-2012-3505 CVE-2017-11747 CVE-2022-40468 CVE-2023-40533 CVE-2023-49606 CVSS scores: CVE-2017-11747 NVD : 5.5...

CVSS 7.5 | AI score 6.6 | EPSS 0.63076
Exploits 3 | References 4
Tenable Nessus
added 2023/10/16 12:0 a.m. | 21 views

Ubuntu 16.04 ESM / 18.04 ESM : Tinyproxy vulnerability (USN-4808-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4808-1 advisory. It was discovered that Tinyproxy created its pid file with insecure permissions. An attacker could use the vulnerability to cause arbitrary processes ...

CVSS 5.5 | AI score 5.9 | EPSS 0.00292
Exploits 0 | References 2
SUSE CVE
added 2023/02/15 4:42 a.m. | 4 views

SUSE CVE-2017-11747

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executes a...

CVSS 5.5 | AI score 6.7 | EPSS 0.00292
Exploits 0 | References 3
OpenVAS
added 2021/11/08 12:0 a.m. | 21 views

Mozilla Firefox Security Advisory (MFSA2019-25) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVSS 9.8 | AI score 7.1 | EPSS 0.0216
Exploits 3 | References 23
Cvelist
added 2020/04/15 2:58 p.m. | 16 views

CVE-2020-11747

...

Exploits 0
Tenable Nessus
added 2020/04/02 12:0 a.m. | 28 views

Debian DLA-2163-1 : tinyproxy security update

A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might have allowed local users to kill arbitra...

CVSS 5.5 | AI score 5.8 | EPSS 0.00292
Exploits 0 | References 3
OpenVAS
added 2020/04/01 12:0 a.m. | 58 views

Debian: Security Advisory (DLA-2163-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 | AI score 5.5 | EPSS 0.00292
Exploits 0 | References 3
Debian
added 2020/03/31 1:17 p.m. | 38 views

[SECURITY] [DLA 2163-1] tinyproxy security update

Package : tinyproxy Version : 1.8.3-3+deb8u1 CVE ID : CVE-2017-11747 Debian Bug : 870307 948283 A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after...

CVSS 5.5 | AI score 5.8 | EPSS 0.00292
Exploits 0
CVE
added 2019/09/27 5:16 p.m. | 234 views

CVE-2019-11747

CVE-2019-11747 affects Mozilla Firefox and Firefox ESR. The vulnerability stems from a bug in the History pane’s “Forget about this site” feature which, while intended to delete site-visit data, also removes HSTS settings for sites on the pre-load list. As a result, on the next visit, if a user u...

CVSS 6.5 | AI score 6.8 | EPSS 0.01195
Exploits 0 | References 5 | Affected Software 2
OpenVAS
added 2019/09/05 12:0 a.m. | 32 views

Ubuntu: Security Advisory (USN-4122-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.3 | EPSS 0.0216
Exploits 2 | References 2
Tenable Nessus
added 2019/09/05 12:0 a.m. | 37 views

Mozilla Firefox < 69.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 69.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-25 advisory. - Mozilla developers and community members Randell Jesup, Philipp, Cosmin Sabou, and Natalia Csoregi reported...

CVSS 9.8 | AI score 7.5 | EPSS 0.0216
Exploits 3 | References 22
Tenable Nessus
added 2019/09/05 12:0 a.m. | 48 views

Mozilla Firefox < 69.0

The version of Firefox installed on the remote Windows host is prior to 69.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-25 advisory. - Mozilla developers and community members Randell Jesup, Philipp, Cosmin Sabou, and Natalia Csoregi reported memory safe...

CVSS 9.8 | AI score 7.5 | EPSS 0.0216
Exploits 3 | References 22
OpenVAS
added 2019/09/05 12:0 a.m. | 271 views

Mozilla Firefox ESR Security Advisories (MFSA2019-25, MFSA2019-27) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

CVSS 9.3 | AI score 7.3 | EPSS 0.0216
Exploits 2 | References 1
RedHat Linux
added 2019/09/04 8:14 p.m. | 206 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 9.8 | AI score 6.7 | EPSS 0.0216
Exploits 2 | References 15
ALT Linux
added 2019/09/04 12:0 a.m. | 27 views

Security fix for the ALT Linux 10 package firefox-esr version 68.1.0-alt1

Sept. 4, 2019 Andrey Cherepanov 68.1.0-alt1 - New ESR version 68.1.0. - Fixed: + CVE-2019-11751 Malicious code execution through command line parameters + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea elements using innerHTML +...

CVSS 9.3 | AI score 8.3 | EPSS 0.0216
Exploits 2
Circl
added 2019/03/21 7:26 p.m. | 4 views

CVE-2018-11747

| creationtimestamp | type | source |
|---|---|---|
| 2019-03-21 19:26:51+00:00 | seen | https://t.me/cibsecurity/3272... |

CVSS 9.8 | AI score 8.7 | EPSS 0.00724
Exploits 0 | References 1
CVE
added 2019/03/17 7:16 p.m. | 44 views

CVE-2018-11747

CVE-2018-11747 concerns Puppet Discovery where the nginx container shipped with a default generated TLS certificate. The root cause is the presence of a default certificate in the container prior to the fixed implementation. The documented remediation is that in version 1.4.0 a unique certificate...

CVSS 9.8 | AI score 9.2 | EPSS 0.00724
Exploits 0 | References 2 | Affected Software 1