Lucene search
K

4361 matches found

Tenable Nessus
Tenable Nessus
added 2012/12/12 12:0 a.m.35 views

Google Chrome < 23.0.1271.97 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 23.0.1271.97 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to visibility events and the URL loader. CVE-2012-5139, CVE-2012-5140 - An unspecified error exists related t...

10CVSS7.7AI score0.08308EPSS
Exploits1References12
ThreatPost
ThreatPost
added 2012/12/11 8:45 p.m.36 views

Critical Vulnerability Fixed in Chrome 23

It’s Patch Tuesday, and not just for Microsoft and Adobe. Google also patched a number of security vulnerabilities in its Chrome browser today, including one critical flaw and three high-severity ones. The most serious vulnerability that Google fixed in Chrome 23 is a crash in the browser’s histo...

10CVSS0.5AI score0.03533EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2012/11/28 5:54 a.m.9 views

Java zero-day exploit sold in underground Market

Once again a zero day vulnerability exploit is sold by cyber criminals in the underground, once again a the flaw is related to Oracle's Java software that could allow to gain remote control over victim's machine. The news has been reported by KrebsOnSecurity blog that announced that the exploit...

7AI score
Exploits0
Opera Security Advisories
Opera Security Advisories
added 2012/11/02 12:0 a.m.9 views

Internet shortcuts used for phishing in elements – Opera Security Advisories

Websites may occasionally want to display image content from untrusted sources. A phishing attack may be carried out by the untrusted source, by displaying malicious instructions on the image, or by navigating the containing page to a similar looking document on another server. Since some image...

5.8AI score
Exploits0References1
myhack58
myhack58
added 2012/10/25 12:0 a.m.31 views

Sunny Navigation System cms the background filter is not strict vulnerability-vulnerability warning-the black bar safety net

BY: madmen From 1 6 3 Micro Forum Test URL http://www.xxx.com/admin/log/dispcont.asp admin/log/dispcont. asp View administrator login records where the filter is not strict lead to can view the login record of success Although success is cmd5 encryption, but a large part can be cracked Tasteless ...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/10/15 12:0 a.m.50 views

Mozilla Seamonkey Multiple Vulnerabilities-01 (Windows)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln01oct12win.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities-01 Windows Authors: Arun Kallavi Copyright: Copyright c 20...

10CVSS0.8AI score0.42609EPSS
Exploits6References12
OpenVAS
OpenVAS
added 2012/10/15 12:0 a.m.43 views

Mozilla Seamonkey Multiple Vulnerabilities - 01 - Mac OS X

Mozilla Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.42609EPSS
Exploits6References13
Tenable Nessus
Tenable Nessus
added 2012/10/12 12:0 a.m.41 views

Mandriva Linux Security Advisory : libxslt (MDVSA-2012:164)

Multiple vulnerabilities has been discovered and corrected in libxslt : Unspecified vulnerability in XSLT allows remote attackers to obtain potentially sensitive information about heap memory addresses via unknown vectors CVE-2011-1202. libxslt 1.1.26 and earlier does not properly manage memory,...

6.8CVSS8.8AI score0.02455EPSS
Exploits1References4
NVD
NVD
added 2012/10/10 5:55 p.m.21 views

CVE-2012-3984

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling...

6.8CVSS6.1AI score0.02246EPSS
Exploits0References10
Prion
Prion
added 2012/10/10 5:55 p.m.17 views

Cross site scripting

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...

4.3CVSS5.9AI score0.02513EPSS
Exploits0References15Affected Software13
Prion
Prion
added 2012/10/10 5:55 p.m.22 views

Code injection

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling...

6.8CVSS6.5AI score0.02246EPSS
Exploits0References10Affected Software6
UbuntuCve
UbuntuCve
added 2012/10/10 5:55 p.m.27 views

CVE-2012-5354

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...

6.8CVSS5.9AI score0.01678EPSS
Exploits0References3
Prion
Prion
added 2012/10/10 5:55 p.m.18 views

Design/Logic Flaw

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...

9.3CVSS8AI score0.05201EPSS
Exploits0References16Affected Software13
Cvelist
Cvelist
added 2012/10/10 5:0 p.m.25 views

CVE-2012-3984

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT element's menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling...

9.1AI score0.02246EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2012/10/09 10:45 p.m.2 views

Mozilla: DOS and crash with full screen and history navigation (MFSA 2012-79)

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...

9.3CVSS7.8AI score0.05201EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/10/09 10:45 p.m.4 views

Mozilla: Spoofing and script injection through location.hash (MFSA 2012-84)

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...

4.3CVSS7.3AI score0.02513EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/10/09 10:25 p.m.6 views

Mozilla: DOS and crash with full screen and history navigation (MFSA 2012-79)

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...

9.3CVSS7.8AI score0.05201EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/10/09 10:25 p.m.9 views

Mozilla: Spoofing and script injection through location.hash (MFSA 2012-84)

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...

4.3CVSS7.3AI score0.02513EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2012/10/09 12:0 a.m.22 views

CVE-2012-3988

Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 might allow user-assisted remote attackers to execute arbitrary code via vectors involving use of mozRequestFullScree...

9.3CVSS7.5AI score0.05201EPSS
Exploits0References3
Mozilla
Mozilla
added 2012/10/09 12:0 a.m.52 views

Spoofing and script injection through location.hash — Mozilla

Security researcher Mariusz Mlynski reported an issue with spoofing of the location property. In this issue, writes to location.hash can be used in concert with scripted history navigation to cause a specific website to be loaded into the history object. The baseURI can then be changed to this...

4.3CVSS8.8AI score0.02513EPSS
Exploits0References2Affected Software5
Rows per page
Query Builder