Lucene search

3793 matches found

RedHat Linux
added 2022/04/08 2:02 p.m., 2 views

Mozilla: iframe contents could be rendered outside the border

The Mozilla Foundation Security Advisory describes this flaw as: Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks...

CVSS: 5.4 | AI score: 7.3 | EPSS: 0.00557
Exploits: 1 | References: 6

BDU FSTEC
added 2022/04/08 12:00 a.m., 4 views

A vulnerability in Adobe InDesign's computer layout automation tool, related to null pointer handling, allows an attacker to cause a denial of service.

The vulnerability in Adobe InDesign's computer layout automation tool is related to the handling of a null pointer. Exploiting this vulnerability can allow an attacker to cause a denial of service...

CVSS: 5.5 | AI score: 5.5
Exploits: 0 | References: 2 | Affected Software: 1

vulnersOsv
added 2022/04/07 3:20 p.m., 0 views

@podium/layout (>=2.5.1 <=5.0.0-next.1), @podium/podlet (>=3.0.0 <=5.0.0-next.1) +1 more potentially affected by CVE-2022-24822 via @podium/proxy (>=2.4.4 <=4.2.73)

@podium/proxy NPM version =2.4.4, =2.5.1, =3.0.0, =1.0.0, =2.4.1 Source cves: CVE-2022-24822 Source advisory: OSV:GHSA-3HJG-VC7R-RCRW...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.01549
Exploits: 0

OSV
added 2022/04/07 3:20 p.m., 44 views

GHSA-3HJG-VC7R-RCRW Denial of Service vulnerability in @podium/layout and @podium/proxy

Impact: An attacker using the Trailer header as part of the request against proxy endpoints has the ability to take down the server. All Podium layouts that include podlets with proxy endpoints are affected. Patches: @podium/layout which is the main way developers/users are vulnerable to this...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.01549
Exploits: 0 | References: 6

Prion
added 2022/04/06 6:15 p.m., 7 views

Design/Logic Flaw

Podium is a library for building micro frontends. @podium/layout is a module for building a Podium layout server, and @podium/proxy is a module for proxying HTTP requests from a layout server to a podlet server. In @podium/layout prior to version 4.6.110 and @podium/proxy prior to version 4.2.74,...

CVSS: 5 | AI score: 7.5 | EPSS: 0.01549
Exploits: 0 | References: 5 | Affected Software: 2

Cvelist
added 2022/04/06 5:15 p.m., 31 views

CVE-2022-24822 Denial of Service in @podium/layout and @podium/proxy

Podium is a library for building micro frontends. @podium/layout is a module for building a Podium layout server, and @podium/proxy is a module for proxying HTTP requests from a layout server to a podlet server. In @podium/layout prior to version 4.6.110 and @podium/proxy prior to version 4.2.74,...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.01549
Exploits: 0 | References: 5

RedhatCVE
added 2022/04/06 2:50 p.m., 50 views

CVE-2022-28286

The Mozilla Foundation Security Advisory describes this flaw as: Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks...

CVSS: 5.4 | AI score: 1.7 | EPSS: 0.00557
Exploits: 1 | References: 5

CNNVD
added 2022/04/06 12:00 a.m., 3 views

Finn.no Podium security vulnerability

Finn.no Podium is a library for building micro front ends from Finn.no Norway. A security vulnerability in Finn.no Podium layout prior to 4.6.110 and Podium proxy prior to 4.2.74 allows an attacker to shut down a server using the Trailer header as part of a request to the proxy endpoint...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.01549
Exploits: 0 | References: 6

UbuntuCve
added 2022/04/06 12:00 a.m., 39 views

CVE-2022-28286

Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...

CVSS: 5.4 | AI score: 6.8 | EPSS: 0.00557
Exploits: 1 | References: 6

OSV
added 2022/04/06 12:00 a.m., 0 views

UBUNTU-CVE-2022-28286

Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...

CVSS: 5.4 | AI score: 6.7 | EPSS: 0.00557
Exploits: 1 | References: 7

MSRC
added 2022/04/05 6:00 p.m., 28 views

Randomizing the KUSER_SHARED_DATA Structure on Windows

Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increase the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations, including kernel stacks, pools, system PTEs, etc., are randomized. A...

AI score: 3.4
Exploits: 0

MSRC
added 2022/04/05 7:00 a.m., 16 views

Randomizing the KUSER_SHARED_DATA Structure on Windows

Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increase the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations, including kernel stacks, pools, system PTEs, etc., are randomized. A...

AI score: 3.6
Exploits: 0

MSRC
added 2022/04/05 7:00 a.m., 9 views

Randomizing the KUSER_SHARED_DATA Structure on Windows

Windows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increase the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations, including kernel stacks, pools, system PTEs, etc., are randomized. A...

AI score: 7.7
Exploits: 0

NVD
added 2022/04/05 1:15 a.m., 15 views

CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 8.8 | EPSS: 0.00953
Exploits: 0 | References: 3

OSV
added 2022/04/05 1:15 a.m., 4 views

CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 8.8 | AI score: 9
Exploits: 0 | References: 3

OSV
added 2022/04/05 1:15 a.m., 1 views

DEBIAN-CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 8.8 | AI score: 8.5 | EPSS: 0.00953
Exploits: 0 | References: 1

UbuntuCve
added 2022/04/05 1:15 a.m., 33 views

CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.00953
Exploits: 0 | References: 2

OSV
added 2022/04/05 1:15 a.m., 0 views

UBUNTU-CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.00953
Exploits: 0 | References: 3

Prion
added 2022/04/05 1:15 a.m., 17 views

Type confusion

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 6.8 | AI score: 8.7 | EPSS: 0.00953
Exploits: 0 | References: 3 | Affected Software: 1

ATTACKERKB
added 2022/04/05 1:15 a.m., 3 views

CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS: 8.8 | AI score: 7.9 | EPSS: 0.00953
Exploits: 0 | References: 4