Lucene search
K

122 matches found

RedHat Linux
RedHat Linux
added 2022/01/12 12:35 p.m.5 views

Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these...

8.8CVSS7.4AI score0.0087EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/01/12 12:21 p.m.8 views

Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these...

8.8CVSS7.4AI score0.0087EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/01/12 12:8 p.m.3 views

Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. Some of these...

8.8CVSS7.4AI score0.0087EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2021/12/23 1:15 a.m.3 views

CVE-2021-38015

Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...

8.8CVSS7.2AI score0.00594EPSS
Exploits0References6
OSV
OSV
added 2021/12/23 1:15 a.m.2 views

DEBIAN-CVE-2021-38019

Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS7.1AI score0.00831EPSS
Exploits0References1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2021/11/15 12:0 a.m.79 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 96 to the stable channel for Windows, Mac and Linux. Chrome 96 is also promoted to our new extended stable channel for Windows and Mac. This will roll out over the coming days/weeks. Chrome 96.0.4664.45 contains a number of fixes an...

9.6CVSS8.7AI score0.01362EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/29 12:0 a.m.30 views

Adobe Prelude < 22.0 Multiple Vulnerabilities (APSB21-96)

The version of Adobe Prelude installed on the remote Windows host is prior to 22.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-96 advisory. - Adobe Prelude version 10.1 and earlier are affected by a memory corruption vulnerability. An unauthenticated attack...

9.3CVSS7.5AI score0.01995EPSS
Exploits0References12
Cvelist
Cvelist
added 2021/08/03 6:41 p.m.23 views

CVE-2021-33328

Cross-site scripting XSS vulnerability in the Asset module's edit vocabulary page in Liferay Portal 7.0.0 through 7.3.4, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the 1...

5.6AI score0.00675EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/03 6:29 p.m.24 views

CVE-2021-33322

In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 18, and 7.2 before fix pack 5, password reset tokens are not invalidated after a user changes their password, which allows remote attackers to change the user’s password via the old password reset tok...

7.8AI score0.01202EPSS
Exploits0References2
Talos
Talos
added 2020/08/31 12:0 a.m.73 views

OS4Ed openSIS install remote code execution vulnerability

Summary A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. A specially crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.4 Product URLs...

10CVSS10AI score0.06172EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2020/03/04 3:15 p.m.50 views

CVE-2020-10029

The GNU C Library aka glibc or libc6 before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to...

5.5CVSS7AI score0.00758EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2020/03/04 12:0 a.m.53 views

CVE-2020-10029

The GNU C Library aka glibc or libc6 before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to...

5.5CVSS7.1AI score0.00758EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2020/03/03 12:35 a.m.10 views

doctor-96.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1109165 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting doctor-96.ru website and i...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/09/03 11:34 a.m.310 views

Learn Ethical Hacking Online – A to Z Training Bundle 2019

Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level. The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical...

7.4AI score
Exploits0
NVD
NVD
added 2019/08/01 5:15 p.m.18 views

CVE-2016-10827

cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences SEC-96...

5.4CVSS5.2AI score0.00636EPSS
Exploits0References2
Prion
Prion
added 2019/08/01 5:15 p.m.17 views

Cross site scripting

cPanel before 55.9999.141 allows self stored XSS in WHM Edit System Mail Preferences SEC-96...

3.5CVSS6AI score0.00636EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/08 12:0 a.m.32 views

FreeBSD : OpenSSL -- ChaCha20-Poly1305 nonce vulnerability (e56f2f7c-410e-11e9-b95c-b499baebfeaf)

The OpenSSL project reports : Low: ChaCha20-Poly1305 with long nonces CVE-2019-1543 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length...

7.4CVSS6.3AI score0.05701EPSS
Exploits0References3
Prion
Prion
added 2019/03/06 9:29 p.m.31 views

Design/Logic Flaw

ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also...

5.8CVSS7.1AI score0.05701EPSS
Exploits0References13Affected Software1
FreeBSD
FreeBSD
added 2019/03/06 12:0 a.m.104 views

OpenSSL -- ChaCha20-Poly1305 nonce vulnerability

The OpenSSL project reports: Low: ChaCha20-Poly1305 with long nonces CVE-2019-1543 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length a...

7.4CVSS1.2AI score0.05701EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/06/12 12:0 a.m.43 views

Microsoft Windows: Network security: Encryption types allowed for Kerberos

This policy setting allows you to set the encryption types that Kerberos is allowed to use. If not selected, the encryption type will not be allowed. This setting may affect compatibility with client computers or services and applications. Multiple selections are permitted. C Microsoft Corporatio...

7.1AI score
Exploits0References6
Rows per page
Query Builder