Lucene search
K

3179 matches found

openvas
openvas
added 2014/03/27 12:0 a.m.33 views

SeaMonkey Multiple Vulnerabilities-01 (Mar 2014) - Mac OS X

SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey"; ifdescription...

10CVSS8AI score0.83633EPSS
Exploits22References19
openvas
openvas
added 2014/03/27 12:0 a.m.32 views

Mozilla Thunderbird Multiple Vulnerabilities-01 (Mar 2014) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

10CVSS8AI score0.83633EPSS
Exploits19References13
prion
prion
added 2014/03/26 10:55 a.m.15 views

Design/Logic Flaw

The 1 Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the 2 FlashCopy Manager for Exchange component 2.2 and 3.1 before 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not properly constrain mailbox contents during certain...

2.1CVSS6.4AI score0.00946EPSS
Exploits0References3Affected Software2
cve
cve
added 2014/03/26 10:0 a.m.46 views

CVE-2013-3976

IBM’s advisory for CVE-2013-3976 states that Data Protection for Microsoft Exchange (Tivoli Storage Manager for Mail) versions 6.1 and 6.3 and FlashCopy Manager for Microsoft Exchange versions 2.1, 2.2, and 3.1 may misbind contents when restoring multiple mailboxes into PSTs, causing a mailbox ow...

2.1CVSS6.1AI score0.00946EPSS
Exploits0References3Affected Software4
cvelist
cvelist
added 2014/03/26 10:0 a.m.22 views

CVE-2013-3976

The 1 Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli Storage Manager for Mail and the 2 FlashCopy Manager for Exchange component 2.2 and 3.1 before 3.1.1 in IBM Tivoli Storage FlashCopy Manager do not properly constrain mailbox contents during certain...

5.9AI score0.00946EPSS
Exploits0References3
openvas
openvas
added 2014/03/26 12:0 a.m.29 views

Mozilla Firefox Multiple Vulnerabilities-01 (Mar 2014) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS8AI score0.83633EPSS
Exploits22References19
nvd
nvd
added 2014/03/19 10:55 a.m.20 views

CVE-2014-1504

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via a crafted document that is accessed after a browser restart...

2.6CVSS8.4AI score0.02064EPSS
Exploits0References8
cve
cve
added 2014/03/19 10:0 a.m.120 views

CVE-2014-1504

CVE-2014-1504 affects Mozilla Firefox (pre-28.0) and SeaMonkey (pre-2.25). The session-restore feature does not honor the CSP of data: URLs, enabling remote XSS via a crafted document opened after a browser restart. The impact stated is cross-site scripting with partial integrity/complete confide...

2.6CVSS8.1AI score0.02064EPSS
Exploits0References8Affected Software1
cvelist
cvelist
added 2014/03/19 10:0 a.m.24 views

CVE-2014-1504

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via a crafted document that is accessed after a browser restart...

8.3AI score0.02064EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2014/03/18 12:0 a.m.25 views

CVE-2014-1504

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via a crafted document that is accessed after a browser restart...

2.6CVSS6.9AI score0.02064EPSS
Exploits0References3
mozilla
mozilla
added 2014/03/18 12:0 a.m.48 views

Content Security Policy for data: documents not preserved by session restore — Mozilla

Security researcher Nicolas Golubovic reported that the Content Security Policy CSP of data: documents was not saved as part of session restore. If an attacker convinced a victim to open a document from a data: URL injected onto a page, this can lead to a Cross-Site Scripting XSS attack. The targ...

2.6CVSS8.1AI score0.02064EPSS
Exploits0References2Affected Software2
nvd
nvd
added 2014/03/14 10:55 a.m.24 views

CVE-2013-5133

Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data...

8.8CVSS5.8AI score0.01744EPSS
Exploits1References1
prion
prion
added 2014/03/14 10:55 a.m.23 views

Information disclosure

Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data...

8.8CVSS6.2AI score0.01744EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2014/03/14 10:0 a.m.28 views

CVE-2013-5133

Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data...

5.8AI score0.01744EPSS
Exploits1References1
openvas
openvas
added 2014/02/25 12:0 a.m.18 views

Kimai < 0.9.3 Security Bypass Vulnerability - Active Check

Kimai is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.5AI score0.01261EPSS
Exploits0References3
nessus
nessus
added 2014/02/11 12:0 a.m.34 views

Ubuntu 12.04 LTS / 12.10 / 13.10 : firefox vulnerabilities (USN-2102-1)

Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Carsten Book, Andrew Sutherland, Byron Campen, Nicholas Nethercote, Paul Adenot, David Baron, Julian Seward and Sotaro Ikeda discovered multiple memory safety issues in Firefox...

10CVSS8.2AI score0.07072EPSS
Exploits11References15
prion
prion
added 2014/02/06 5:44 a.m.27 views

Code injection

Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service session restore via a crafted web site...

4.3CVSS6.8AI score0.01932EPSS
Exploits0References13Affected Software7
cve
cve
added 2014/02/06 2:0 a.m.141 views

CVE-2014-1489

Technical details for CVE-2014-1489 are not publicly available in the provided documents. Monitor for updates from vendors and vulnerability feeds.

4.3CVSS8.7AI score0.01932EPSS
Exploits0References13Affected Software1
ubuntucve
ubuntucve
added 2014/02/05 12:0 a.m.27 views

CVE-2014-1489

Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service session restore via a crafted web site...

4.3CVSS6.9AI score0.01932EPSS
Exploits0References3
thn
thn
added 2014/01/28 3:43 a.m.11 views

CryptorBit Ransomware that scam for Ransom money with fake Decryption Keys

We are continuously keeping our eye on new variants of the widely spread Ransomware family like Cryptolocker, Prison Locker, Copycat and Locker which encrypts your files and ask for a random amount to decrypt it. If infected by such malware, to be very honest, there is no hope for recovering your...

6.5AI score
Exploits0
Rows per page
Query Builder