9309 matches found

Prion
added 2012/09/19 10:57 a.m. | 12 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS)...

4.3 CVSS | 6 AI score | 0.02467 EPSS
Exploits 1 | References 1 | Affected Software 1
Cvelist
added 2012/09/19 10:0 a.m. | 30 views

CVE-2012-2578

Multiple cross-site scripting (XSS) vulnerabilities in SmarterMail 9.2 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a JavaScript alert function used in conjunction with the fromCharCode method, (2) a SCRIPT element, (3) a Cascading Style Sheets (CSS)...

5.8 AI score | 0.02467 EPSS
Exploits 1 | References 1
Tenable Nessus
added 2012/09/17 12:0 a.m. | 36 views

MDaemon WorldClient < 12.5.7 Multiple XSS Vulnerabilities

According to its banner, the version of MDaemon's WorldClient is earlier than 12.5.7 and is, therefore, affected by the following cross-site scripting vulnerabilities: - Input supplied in body of an email is not properly sanitized before being presented to the user. Specially crafted email...

4.3 CVSS | 5.1 AI score | 0.03232 EPSS
Exploits 1 | References 2
RedHat Linux
added 2012/09/13 4:54 p.m. | 3 views

libxslt: Use-after-free when processing an invalid XPath expression

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the...

4.3 CVSS | 7.4 AI score | 0.02385 EPSS
Exploits 0 | References 4
OpenVAS
added 2012/09/11 12:0 a.m. | 40 views

Slackware Advisory SSA:2005-242-01 PCRE library

The remote host is missing an update as announced via advisory SSA:2005-242-01. OpenVAS Vulnerability Test $Id: esoftslkssa200524201.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012...

7.5 CVSS | 0.3 AI score | 0.04344 EPSS
Exploits 0
OpenVAS
added 2012/09/10 12:0 a.m. | 33 views

Slackware: Security Advisory (SSA:2005-242-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 9.6 AI score | 0.04344 EPSS
Exploits 0 | References 2
NVD
added 2012/09/05 11:55 p.m. | 21 views

CVE-2012-4387

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression...

5 CVSS | 9.1 AI score | 0.08353 EPSS
Exploits 0 | References 7
Prion
added 2012/09/05 11:55 p.m. | 16 views

Code injection

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression...

5 CVSS | 7 AI score | 0.08353 EPSS
Exploits 0 | References 7 | Affected Software 1
UbuntuCve
added 2012/09/05 11:55 p.m. | 24 views

CVE-2012-4387

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression...

5 CVSS | 7.2 AI score | 0.08353 EPSS
Exploits 0 | References 2
Cvelist
added 2012/09/05 11:0 p.m. | 33 views

CVE-2012-4387

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression...

9.1 AI score | 0.08353 EPSS
Exploits 0 | References 7
EUVD
added 2012/09/05 11:0 p.m. | 5 views

EUVD-2022-4209

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression...

5 CVSS | 9 AI score | 0.08353 EPSS
Exploits 0 | References 12
CVE
added 2012/09/05 11:0 p.m. | 82 views

CVE-2012-4387

CVE-2012-4387 is an Apache Struts DoS vulnerability: a remote attacker can cause CPU exhaustion by sending a long parameter name that is processed as an OGNL expression. The issue affects Struts 2.0.0–2.3.4. In the connected IBM advisories, remediation centers on upgrading IBM Sterling Order Manage...

5 CVSS | 6.5 AI score | 0.08353 EPSS
Exploits 0 | References 7 | Affected Software 1
OSV
added 2012/08/31 7:55 p.m. | 3 views

DEBIAN-CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the...

4.3 CVSS | 8.5 AI score | 0.02385 EPSS
Exploits 0 | References 1
Prion
added 2012/08/31 7:55 p.m. | 20 views

Design/Logic Flaw

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the...

4.3 CVSS | 6.5 AI score | 0.02385 EPSS
Exploits 0 | References 18 | Affected Software 3
Debian CVE
added 2012/08/31 7:0 p.m. | 42 views

CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the...

4.3 CVSS | 7.3 AI score | 0.02385 EPSS
Exploits 0
Prion
added 2012/08/23 10:32 a.m. | 25 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, 3.0.x before 3.0.6, and 3.1.x before 3.1.6, allow remote attackers to inject arbitrary web script or...

4.3 CVSS | 6 AI score | 0.04195 EPSS
Exploits 1 | References 5 | Affected Software 2
NVD
added 2012/08/12 9:55 p.m. | 16 views

CVE-2012-2573

Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE...

4.3 CVSS | 5.7 AI score | 0.01343 EPSS
Exploits 1 | References 1
NVD
added 2012/08/12 9:55 p.m. | 25 views

CVE-2012-2585

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ServiceDesk Plus 8.1 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the...

4.3 CVSS | 5.7 AI score | 0.01353 EPSS
Exploits 1 | References 1
Prion
added 2012/08/12 9:55 p.m. | 11 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE...

4.3 CVSS | 6 AI score | 0.01343 EPSS
Exploits 1 | References 1 | Affected Software 1
Prion
added 2012/08/12 9:55 p.m. | 13 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expression property in the STYLE...

4.3 CVSS | 6 AI score | 0.01319 EPSS
Exploits 1 | References 1 | Affected Software 1