CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

100 matches found

Cvelist•added 2012/08/06 4:0 p.m.•22 views

CVE-2012-4142

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via a crafted document...

5.3AI score0.00418EPSS

Exploits0References5

0day.today•added 2010/09/20 12:0 a.m.•18 views

odCMS Cookies handling vulnerabilities

Exploit for php platform in category web applications ====================================== odCMS Cookies handling vulnerabilities ====================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/...

7.1AI score

Exploits0

Prion•added 2010/06/11 7:30 p.m.•21 views

Memory corruption

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrar...

9.3CVSS7.8AI score0.04184EPSS

Exploits0References28Affected Software6

UbuntuCve•added 2010/03/15 2:15 p.m.•29 views

CVE-2010-0050

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via an HTML document with improperly nested tags...

9.3CVSS7.5AI score0.46372EPSS

Exploits0References2

Tenable Nessus•added 2009/12/09 12:0 a.m.•19 views

openSUSE Security Update : perl-HTML-Parser (perl-HTML-Parser-1491)

Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop CVE-2009-3627. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update perl-HTML-Parser-1491. The text...

4.3CVSS5.3AI score0.00726EPSS

Exploits1References2

UbuntuCve•added 2009/11/13 3:30 p.m.•24 views

CVE-2009-2841

The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...

5CVSS6AI score0.03879EPSS

Exploits2References2

Positive Technologies•added 2009/10/14 12:0 a.m.•3 views

PT-2009-4932 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1, 7, and 8 Description: The issue arises from improper argument validation for unspecified variables, allowing remote attackers to execute arbitrary code via a crafted HTML document. This...

9.3CVSS7.4AI score0.19786EPSS

Exploits1References5

Cvelist•added 2009/09/09 10:0 p.m.•18 views

CVE-2009-3114

The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K...

6.7AI score0.00772EPSS

Exploits0References5

Prion•added 2009/06/10 2:30 p.m.•13 views

Design/Logic Flaw

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant aka const declarations in a type-conversion operation during JavaScript exception handling, which allows remote attackers to execute arbitrary code or...

9.3CVSS8AI score0.0549EPSS

Exploits2References14Affected Software1

Tenable Nessus•added 2009/04/23 12:0 a.m.•28 views

MDKA-2007:097 : shared-mime-info

The freedesktop.org MIME type database contains a wrong MIME type for HTML documents. This information is used by GNOME and other desktop environments to identify files and could cause trouble with the beagle desktop search and other applications. This update corrects this issue. %NASLMINLEVEL...

6.8AI score

Exploits0References1

OpenVAS•added 2009/04/09 12:0 a.m.•16 views

Mandriva Update for shared-mime-info MDKA-2007:097 (shared-mime-info)

Check for the Version of shared-mime-info OpenVAS Vulnerability Test Mandriva Update for shared-mime-info MDKA-2007:097 shared-mime-info Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...

Exploits0References2

NVD•added 2008/12/12 6:30 p.m.•12 views

CVE-2008-5529

CA eTrust Antivirus 31.6.6086, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, a...

9.3CVSS6.3AI score0.00313EPSS

Exploits6References4

Prion•added 2008/12/12 6:30 p.m.•15 views

Design/Logic Flaw

DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, a...

9.3CVSS6.2AI score0.86312EPSS

Exploits7References4Affected Software1

Prion•added 2008/12/12 6:30 p.m.•12 views

Design/Logic Flaw

Ewido Security Suite 4.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...

9.3CVSS6.2AI score0.86312EPSS

Exploits7References4Affected Software1

Cvelist•added 2008/12/12 6:13 p.m.•15 views

CVE-2008-5548

VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...

6.3AI score0.00293EPSS

Exploits6References4

Cvelist•added 2008/12/12 6:13 p.m.•20 views

CVE-2008-5532

Ikarus Virus Utilities T3.1.1.45.0 and possibly T3.1.1.34.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt...

6.4AI score0.00293EPSS

Exploits6References4

Cvelist•added 2008/12/12 6:13 p.m.•22 views

CVE-2008-5531

Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...

6.3AI score0.00313EPSS

Exploits6References4

Cvelist•added 2008/12/12 6:13 p.m.•18 views

CVE-2008-5526

6.3AI score0.00313EPSS

Exploits6References4

Cvelist•added 2008/12/12 6:13 p.m.•16 views

CVE-2008-5539

RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, ...

6.4AI score0.00117EPSS

Exploits6References4

Cvelist•added 2008/12/12 6:13 p.m.•20 views

CVE-2008-5541

Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...

6.3AI score0.00761EPSS

Exploits6References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by