
15 matches found

RedHat Linux
added 2025/09/22 9:25 a.m. | 1 views

rhel-lightspeed: Improper Access Control in Lightspeed History Management Allows Local Privilege Manipulation

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local, unprivileged user to access and manipulate the chat history of another user on the same system. By abusing inter-process communication calls to the history service, an attacker can view, delete, or...

CVSS: 7.7 | AI score: 6 | EPSS: 0.00215
Exploits: 0 | References: 4
CVE
added 2025/09/22 8:4 a.m. | 29 views

CVE-2025-5962

CVE-2025-5962 affects Lightspeed history service. A local, unprivileged user can abuse inter-process communication with the history service to view, delete, or inject history entries, potentially manipulating another user’s chat history and enabling privilege misuse or unauthorized command execut...

CVSS: 7.7 | AI score: 6.9 | EPSS: 0.00215
Exploits: 0 | References: 4
Tenable Nessus
added 2025/08/15 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-24001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not...

CVSS: 4.3 | AI score: 7 | EPSS: 0.0057
Exploits: 0 | References: 2
OSV
added 2025/05/20 4:15 p.m. | 4 views

UBUNTU-CVE-2025-37948

In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...

CVSS: 5.5 | AI score: 6.1 | EPSS: 0.00158
Exploits: 0 | References: 36
Cvelist
added 2025/05/20 4:1 p.m. | 11 views

CVE-2025-37948 arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs

In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...

EPSS: 0.00158
Exploits: 0 | References: 7
OSV
added 2023/09/06 1:15 p.m. | 0 views

CVE-2023-41930

Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict the 'name' query parameter when rendering a history entry, allowing attackers to have Jenkins render a manipulated configuration history that was not created by the plugin...

CVSS: 4.3 | AI score: 5.8
Exploits: 0 | References: 2
NVD
added 2021/06/24 2:15 p.m. | 14 views

CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

CVSS: 4.3 | EPSS: 0.0057
Exploits: 0 | References: 2
CVE
added 2021/06/24 1:20 p.m. | 169 views

CVE-2021-24001

CVE-2021-24001 affects Mozilla Firefox prior to 88. A compromised content process could perform session history manipulations due to testing infrastructure not restricted to testing-only configurations, constituting a sandbox-escape scenario. Multiple connected sources confirm Firefox

CVSS: 4.3 | AI score: 5.4 | EPSS: 0.0057
Exploits: 0 | References: 2 | Affected Software: 1
CNVD
added 2021/04/21 12:0 a.m. | 7 views

Mozilla Firefox Permission License and Access Control Issues Vulnerability (CNVD-2021-49133)

Mozilla Firefox is an open source web browser. A security vulnerability exists in Mozilla Firefox, which can be exploited by remote attackers using test code to enable session history manipulation...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.0057
Exploits: 0 | References: 1
OSV
added 2021/04/19 12:0 a.m. | 0 views

UBUNTU-CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.0057
Exploits: 0 | References: 4
CNNVD
added 2021/04/19 12:0 a.m. | 3 views

Mozilla Firefox Permission License and Access Control Issues Vulnerability

Mozilla Firefox is an open source web browser. A security vulnerability exists in Mozilla Firefox, which can be exploited by remote attackers using test code to enable session history manipulation...

CVSS: 4.3 | AI score: 8.4 | EPSS: 0.0057
Exploits: 0 | References: 8
Veracode
added 2019/05/02 4:42 a.m. | 25 views

Cross Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...

CVSS: 10 | AI score: 8.2 | EPSS: 0.73327
Exploits: 5 | References: 23 | Affected Software: 2
Veracode
added 2019/05/02 4:42 a.m. | 24 views

Clickjacking Attack

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...

CVSS: 10 | AI score: 8.2 | EPSS: 0.73327
Exploits: 5 | References: 29 | Affected Software: 3
OSV
added 2015/09/02 12:0 a.m. | 2 views

UBUNTU-CVE-2015-1300

The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to obtain sensitive...

CVSS: 5 | AI score: 7.4 | EPSS: 0.01747
Exploits: 0 | References: 4
Cvelist
added 2012/03/08 10:0 p.m. | 24 views

CVE-2012-0585

The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method...

AI score: 6.2 | EPSS: 0.02498
Exploits: 0 | References: 7