Lucene search
K

5125 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Fedora 42 : pandoc (2025-07fdd73bf0)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-07fdd73bf0 advisory. update MANUAL to cover threat related to user HTML iframe Tenable has extracted the preceding description block directly from the Fedora security advisory...

3.7CVSS5.9AI score0.00632EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-22759

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event...

9.6CVSS7.3AI score0.00743EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-22743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode...

4.3CVSS7.1AI score0.00643EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-25276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain...

6.1CVSS6.1AI score0.00526EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-14465 Malicious code in ams-iframe-injector (npm)

The package ams-iframe-injector was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in @hopper-b2b/uber-iframe (npm)

The package @hopper-b2b/uber-iframe was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in ams-iframe-injector (npm)

The package ams-iframe-injector was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-8070 Malicious code in @hopper-b2b/uber-iframe (npm)

The package @hopper-b2b/uber-iframe was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-5691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to...

4.7CVSS7.1AI score0.00654EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-28164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability...

6.5CVSS7.6AI score0.00347EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-7791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofin...

5.3CVSS7.3AI score0.01837EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-23601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks This vulnerability...

6.5CVSS7.5AI score0.00347EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-25728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a...

6.5CVSS7.6AI score0.00672EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-6608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This...

4.3CVSS7AI score0.00377EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-10460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox E...

5.4CVSS6.8AI score0.00294EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-7788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an iframe has a sandbox attribute and its content is specified using srcdoc, that content does not inherit the containing page's Content Security Policy CS...

9.8CVSS7.2AI score0.02336EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-0747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

6.5CVSS7.6AI score0.006EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-4140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR 91.5, Firefox 96, and...

10CVSS8.2AI score0.0134EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/07/30 4:37 p.m.7 views

CVE-2025-54527

In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions...

6.1CVSS6.5AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2025/07/28 5:15 p.m.10 views

CVE-2025-54527

In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions...

6.1CVSS0.00247EPSS
Exploits0References1
Rows per page
Query Builder