32 matches found

RedhatCVE
added 2023/04/04 8:43 p.m. | 39 views

CVE-2023-24538

A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks as Javascript string delimiters. By sending a specially crafted request, an attacker can execute arbitrary code on the system. Mitigation...

CVSS 9.8 | AI score 9.7 | EPSS 0.00759
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 5:59 a.m. | 2 views

SUSE CVE-2010-1789

Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object...

CVSS 9.3 | AI score 8.1 | EPSS 0.18379
Exploits 0 | References 4
GithubExploit
added 2023/01/26 12:13 p.m. | 19 views

Exploit for Code Injection in Paradox Ipr512_Firmware

Injection vulnerability in Paradox Security Systems IPR512 - C...

CVSS 7.5 | AI score 7.8 | EPSS 0.34976
Exploits 9
Github Security Blog
added 2019/08/23 12:5 a.m. | 23 views

Cross-site Scripting in pandao editor.md

pandao Editor.md 1.5.0 allows XSS via the Javascript: string...

CVSS 6.1 | AI score 3.7 | EPSS 0.0024
Exploits 1 | References 3 | Affected Software 1
OSV
added 2019/08/23 12:5 a.m. | 0 views

GHSA-5Q54-8P9J-X74J Cross-site Scripting in pandao editor.md

pandao Editor.md 1.5.0 allows XSS via the Javascript: string...

CVSS 6.1 | AI score 5.8 | EPSS 0.0024
Exploits 1 | References 2
Veracode
added 2018/12/11 3:35 a.m. | 29 views

Information Disclosure

Microsoft Chakracore is vulnerable to information disclosure. This is due to a use-after-free (UAF) bug when accessing a local Javascript String buffer, which allows an attacker to obtain sensitive information to perform further attacks against the system...

CVSS 3.1 | AI score 5 | EPSS 0.15554
Exploits 0 | References 6 | Affected Software 2
Tenable Nessus
added 2013/01/15 12:0 a.m. | 33 views

Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities

Binary data 801345.prm...

CVSS 10 | AI score 9.2 | EPSS 0.87365
Exploits 28 | References 47
UbuntuCve
added 2010/07/30 8:30 p.m. | 20 views

CVE-2010-1789

Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object...

CVSS 9.3 | AI score 6.4 | EPSS 0.18379
Exploits 0 | References 1
Prion
added 2010/07/30 8:30 p.m. | 13 views

Heap overflow

Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object...

CVSS 9.3 | AI score 8.5 | EPSS 0.18379
Exploits 0 | References 11 | Affected Software 1
Debian CVE
added 2010/07/30 8:0 p.m. | 21 views

CVE-2010-1789

Removed by vendor...

CVSS 9.3 | AI score 6.7 | EPSS 0.18379
Exploits 0
ATTACKERKB
added 2010/05/20 5:30 p.m. | 0 views

CVE-2010-1988

Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than...

CVSS 10 | AI score 6.2 | EPSS 0.07147
Exploits 4 | References 7
NVD
added 2005/05/02 4:0 a.m. | 20 views

CVE-2005-0989

The findreplen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method...

CVSS 5 | AI score 6.3 | EPSS 0.25295
Exploits 1 | References 18