Lucene search
K

4319 matches found

NVD
NVD
added 2014/10/09 10:55 a.m.21 views

CVE-2014-8068

Adobe Digital Editions DE 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information...

5CVSS6.1AI score0.0179EPSS
Exploits0References5
Cvelist
Cvelist
added 2014/10/09 10:0 a.m.24 views

CVE-2014-8068

Adobe Digital Editions DE 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information...

6.1AI score0.0179EPSS
Exploits0References5
OSV
OSV
added 2014/10/08 12:0 a.m.2 views

UBUNTU-CVE-2014-3197

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a...

5CVSS7.3AI score0.00955EPSS
Exploits0References6
n0where
n0where
added 2014/08/10 1:27 a.m.49 views

CLI Magic: I Didn’t Know That !

Command Editing Shortcuts Ctrl + a – go to the start of the command line Ctrl + e – go to the end of the command line Ctrl + k – delete from cursor to the end of the command line Ctrl + u – delete from cursor to the start of the command line Ctrl + w – delete from cursor to start of word i.e...

7.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/31 12:0 a.m.39 views

Fedora 20 : phpMyAdmin-4.2.6-1.fc20 (2014-8581)

phpMyAdmin 4.2.6.0 2014-07-17 =============================== - Undefined index warning with referenced column. - $cfg'MaxExactCount' is ignored when BROWSING is back - Multi Column sorting improved user experience - Server validation does not work while in setup/mysqli - Undefined variable when...

6.5CVSS7AI score0.02276EPSS
Exploits4References15
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

A-Blog 2.0 - Multiple Remote File Include Vulnerabilities

No description provided by source. ============================================================================================== A-Blog v2.0 Remote File Include =============================================================================================== Critical Level : Dangerous A-Blog...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Yahoo! Messenger 7.0/7.5 - Remote Search String Arbitrary Browser Navigation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19211/info Yahoo! Messenger is prone to a browser-navigation vulnerability that may permit a remote attacker to open a browser window on the victim user's computer to an arbitrary page. This issue occurs because the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

Browser Navigation Download Trick

No description provided by source. Another moderately interesting tidbit, I guess... It is an important and little-known property of web browsers that one document can always navigate other, non-same-origin windows to arbitrary URLs. Perhaps more interestingly, you can also navigate third-party...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Microsoft Windows Vista Windows Mail Local File Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23103/info Microsoft Windows Vista Windows Mail is prone to a local file-execution vulnerability due to a design error. An attackers may exploit this issue to execute local files. The attacker must entice a victim into...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

AJ HYIP MERIDIAN (news.php id) Blind SQL Injection Vulnerability

No description provided by source. AJ HYIP MERIDIAN news.php id Blind SQL Injection Vulnerability bug found by Jose Luis Gongora Fernandez a.k.a JosS contact: sys-projectathotmail.com website: http://www.hack0wn.com/ - site: http://www.ajsquare.com/products/ajhyip/index.php - about AJ HYIP: AJ HY...

7.1AI score
Exploits0
OSV
OSV
added 2014/06/27 3:3 p.m.9 views

MGASA-2014-0275 Updated phpmyadmin packages fix CVE-2014-4349

Updated phpmyadmin packages fix security vulnerability: In phpMyAdmin before 4.1.14, it is possible to trigger an XSS when hiding or unhiding a crafted table name in the navigation, due to unescaped HTML output in the navigation items hiding feature. Note that this vulnerability can only be...

3.5CVSS5.5AI score0.0213EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/06/23 12:0 a.m.29 views

FreeBSD : phpMyAdmin -- two XSS vulnerabilities due to unescaped db/table names (c4892644-f8c6-11e3-9f45-6805ca0b3d42)

The phpMyAdmin development team reports : Self-XSS due to unescaped HTML output in recent/favorite tables navigation. When marking a crafted database or table name as favorite or having it in recent tables, it is possible to trigger an XSS. This vulnerability can be triggered only by someone who...

3.5CVSS8.1AI score0.0213EPSS
Exploits2References5
phpMyAdmin
phpMyAdmin
added 2014/06/20 12:0 a.m.44 views

Self-XSS due to unescaped HTML output in navigation items hiding feature.

PMASA-2014-3 Announcement-ID: PMASA-2014-3 Date: 2014-06-20 Summary Self-XSS due to unescaped HTML output in navigation items hiding feature. Description When hiding or unhiding a crafted table name in the navigation, it is possible to trigger an XSS. Severity We consider this vulnerability to be...

3.5CVSS7.2AI score0.0213EPSS
Exploits1Affected Software1
FreeBSD
FreeBSD
added 2014/06/20 12:0 a.m.36 views

phpMyAdmin -- two XSS vulnerabilities due to unescaped db/table names

The phpMyAdmin development team reports: Self-XSS due to unescaped HTML output in recent/favorite tables navigation. When marking a crafted database or table name as favorite or having it in recent tables, it is possible to trigger an XSS. This vulnerability can be triggered only by someone who...

6.2AI score
Exploits0References2
The Hacker News
The Hacker News
added 2014/06/16 7:51 a.m.9 views

Internet Explorer Developer Channel - Early Access to Next-Generation Features For Developers

In an effort to create more open and accessible atmosphere between the Internet Explorer team and the Web development community, Microsoft today announced the launch of The Developer Channel for Internet Explorer. Internet Explorer Developer Channel is a fully-functioning browser designed to...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.48 views

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1345-1)

The Mozilla suite received following security updates bnc783533 : Mozilla Firefox was updated to 16.0.1. Mozilla SeaMonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1. - MFSA 2012-88/CVE-2012-4191 bmo798045 Miscellaneous memory safety...

10CVSS8.6AI score0.42609EPSS
Exploits8References28
Prion
Prion
added 2014/05/08 10:55 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability on Google Search Appliance GSA devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element...

4.3CVSS6.2AI score0.00845EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/05/08 10:0 a.m.28 views

CVE-2014-0362

Cross-site scripting XSS vulnerability on Google Search Appliance GSA devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element...

5.8AI score0.00845EPSS
Exploits0References2
CVE
CVE
added 2014/05/08 10:0 a.m.49 views

CVE-2014-0362

CVE-2014-0362 describes an XSS flaw in Google Search Appliance (GSA) where input reflected into a [removed] block becomes executable when dynamic navigation is enabled. Affected products are GSA versions earlier than 7.0.14.G.216 and 7.2 earlier than 7.2.0.G.114. The impact is remote script execu...

4.3CVSS5.9AI score0.00845EPSS
Exploits0References2Affected Software1
Jake Archibald's Blog
Jake Archibald's Blog
added 2014/05/08 12:13 a.m.11 views

Service Worker - first draft published

The first draft of the service worker spec was published today! It's been a collaborative effort between Google, Samsung, Mozilla and others, and implementations for Chrome and Firefox are being actively developed. Anyone interesting in the web competing with native apps should be excited by this...

6.7AI score
Exploits0
Rows per page
Query Builder