Lucene search
K

6574 matches found

Packet Storm
Packet Storm
added 2014/03/27 12:0 a.m.20 views

Joomla Kunena 3.0.4 Cross Site Scripting

Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a Google Map using the following BBCode mapcontent/map Kunena creates ...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/27 12:0 a.m.26 views

Joomla! Component Kunena 3.0.4 - Persistent Cross-Site Scripting

Persistent XSS in Joomla::Kunena 3.0.4 26. February 2014 by Qoppa +++ Description "Kunena is the leading Joomla forum component. Downloaded more than 3,750,000 times in nearly 6 years." Kunena is written in PHP. Users can post a Google Map using the following BBCode mapcontent/map Kunena creates ...

7.4AI score
Exploits0
NVD
NVD
added 2014/03/26 10:55 a.m.20 views

CVE-2014-1826

Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...

2.6CVSS5.4AI score0.00898EPSS
Exploits3References1
Prion
Prion
added 2014/03/26 10:55 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...

2.6CVSS5.8AI score0.00898EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2014/03/26 10:0 a.m.23 views

CVE-2014-1826

Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...

5.4AI score0.00898EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2014/03/19 5:26 p.m.10 views

Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...

7.5CVSS6.9AI score0.04002EPSS
Exploits3References5
n0where
n0where
added 2014/03/05 4:53 p.m.24 views

Mobile Security Audit: zANTI

zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety zANTI offers a host of penetration-testing features, including...

0.8AI score
Exploits0
Prion
Prion
added 2014/01/16 12:17 p.m.25 views

Design/Logic Flaw

Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or...

7.5CVSS7.5AI score0.01332EPSS
Exploits1References5Affected Software2
Kitploit
Kitploit
added 2014/01/08 5:48 a.m.16 views

[Creepy] Geolocation information Gathering through Social Networking Platforms

Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What's new in v1.0.x ? Creepy now uses Qt 4,...

7.1AI score
Exploits0References1
NVD
NVD
added 2013/12/30 4:53 a.m.33 views

CVE-2013-7232

SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service...

7.5CVSS8.4AI score0.02289EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2013/12/30 12:0 a.m.4 views

PT-2013-6299 · Esri · Esri Arcgis For Server

Name of the Vulnerable Software and Affected Versions: ESRI ArcGIS for Server versions through 10.2 Description: The issue allows remote attackers to execute arbitrary SQL commands via unspecified input to the map or feature service. This can be exploited by providing malicious input to the...

7.5CVSS8.9AI score0.02289EPSS
Exploits1References3
n0where
n0where
added 2013/12/24 6:5 p.m.483 views

Geolocation OSINT Tool Creepy

Geolocation OSINT Tool Creepy Creepy is a geolocation OSINT tool. Gathers geolocation related information from online sources, and allows for presentation on map, search filtering based on exact location and/or date, export in csv format or kml for further analysis in Google Maps. What’s new in...

6.8AI score
Exploits0References2
OSV
OSV
added 2013/12/14 6:8 p.m.1 views

DEBIAN-CVE-2013-6376

The recalculateapicmap function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service host OS crash via a crafted ICR write operation in x2apic mode...

5.2CVSS7.3AI score0.01102EPSS
Exploits1References1
OSV
OSV
added 2013/12/14 5:21 p.m.1 views

DEBIAN-CVE-2013-6411

The HandleCrashedAircraft function in aircraftcmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service out-of-bounds read and crash by crashing an aircraft outside of the map...

5CVSS6.8AI score0.03305EPSS
Exploits1References1
Prion
Prion
added 2013/12/14 5:21 p.m.8 views

Out-of-bounds

The HandleCrashedAircraft function in aircraftcmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service out-of-bounds read and crash by crashing an aircraft outside of the map...

5CVSS6.9AI score0.03305EPSS
Exploits1References9Affected Software1
Debian CVE
Debian CVE
added 2013/12/14 5:0 p.m.22 views

CVE-2013-6411

The HandleCrashedAircraft function in aircraftcmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service out-of-bounds read and crash by crashing an aircraft outside of the map...

5CVSS6.1AI score0.03305EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2013/12/14 12:0 a.m.9 views

PT-2013-6018 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12.6 Description: The issue allows guest OS users to cause a denial of service, resulting in a host OS crash, by performing a crafted ICR write operation in x2apic mode. This is due to a problem in the...

10CVSS7.4AI score0.34649EPSS
Exploits78References466
NVD
NVD
added 2013/12/12 6:55 p.m.25 views

CVE-2013-1978

Heap-based buffer overflow in the readxwdcols function in file-xwd.c in the X Window Dump XWD plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an X Window System XWD image dump with more colors than color map...

6.8CVSS8AI score0.04191EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2013/12/12 6:0 p.m.40 views

CVE-2013-1978

Heap-based buffer overflow in the readxwdcols function in file-xwd.c in the X Window Dump XWD plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an X Window System XWD image dump with more colors than color map...

6.8CVSS7.9AI score0.04191EPSS
Exploits0
Mageia
Mageia
added 2013/12/06 9:42 p.m.18 views

Updated openttd package fixes security vulnerability

A missing validation in OpenTTD before 1.3.3 allows remote attackers to cause a denial of service crash by forcefully crashing aircraft near the corner of the map. This triggers a corner case where data outside of the allocated map array is accessed CVE-2013-6411...

5CVSS6.5AI score0.03305EPSS
Exploits1References4
Rows per page
Query Builder