Lucene search
K

283 matches found

Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.28 views

Adobe Flash - Margin Handling Heap Corruption

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1174 The attached fuzzed swf causes a crash due to heap corruption when processing the margins of a rich text field. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42018.zip...

7.4AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2016/05/10 12:0 a.m.34 views

Adobe Acrobat Pro DC Text field Validate action Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

6.8CVSS3AI score0.0641EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/12/09 1:36 p.m.4 views

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...

9.3CVSS6.2AI score0.06431EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/12/09 1:36 p.m.6 views

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

9.3CVSS6.2AI score0.06538EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2015/12/09 12:0 a.m.5 views

PT-2016-4037 · Adobe +1 · Air Sdk & Compiler +5

Name of the Vulnerable Software and Affected Versions: Adobe Air versions affected versions not specified Adobe Air SDK versions affected versions not specified Adobe Air SDK &Compiler versions affected versions not specified Adobe Flash Player versions affected versions not specified Adobe Flash...

10CVSS9.1AI score0.43408EPSS
Exploits21References186
NVD
NVD
added 2014/05/08 2:29 p.m.12 views

CVE-2014-3123

Cross-site scripting XSS vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, NextGEN Manage gallery, or NextGEN Manage others gallery permission to inject arbitrary web script or...

2.1CVSS5.4AI score0.01589EPSS
Exploits1References4
Check Point Advisories
Check Point Advisories
added 2013/05/21 12:0 a.m.5 views

Adobe Flash Player Style Sheet Null Pointer Denial of Service (APSB13-15; CVE-2013-3329)

A denial of service vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a NULL pointer value when applying malformed badly formatted HTML text field. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS6AI score0.05319EPSS
Exploits0
Cvelist
Cvelist
added 2012/11/18 9:0 p.m.22 views

CVE-2012-4942

Multiple cross-site scripting XSS vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to inject arbitrary web script or HTML via an arbitrary text field...

5.8AI score0.01001EPSS
Exploits0References2
0day.today
0day.today
added 2011/03/13 12:0 a.m.35 views

FORMfields Upload Vulnability

Exploit for php platform in category web applications Date: 12.03.2011 Author: PretoriaN Vendor or Software Link: Version: app version Category:: Exploit Google dork: inurl:/forms/FORMfields/ Tested on: PHP Exploit:/examples/allFields/ffceallfields.phpupload Step 1: in Text Field: type any name...

7.1AI score
Exploits0
Prion
Prion
added 2011/01/28 9:0 p.m.24 views

Cross site scripting

Cross-site scripting XSS vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a...

4.3CVSS5.9AI score0.0223EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2010/04/05 3:30 p.m.28 views

Open redirect

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

9.3CVSS6.8AI score0.73436EPSS
Exploits7References8Affected Software1
securityvulns
securityvulns
added 2009/09/24 12:0 a.m.27 views

newt library memory corruption

Memory corruption on text field parsing...

4.6CVSS3.7AI score0.00497EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2008/01/17 10:0 p.m.17 views

CVE-2008-0335

Cross-site scripting XSS vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to inject arbitrary web script or HTML via an arbitrary custom text field...

4.3CVSS5.7AI score0.01065EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/01/17 9:7 p.m.16 views

CVE-2008-0335

Cross-site scripting XSS vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to inject arbitrary web script or HTML via an arbitrary custom text field...

5.7AI score0.01065EPSS
Exploits0References5
Prion
Prion
added 2007/08/15 7:17 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the nodereference module in Drupal Content Construction Kit CCK before 4.7.x-1.6, and 5.x before 5.x-1.6 ,allow remote attackers to inject arbitrary web script or HTML via nodereference fields, when using 1 the plain formatter or 2 the...

4.3CVSS6.1AI score0.02275EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2007/08/15 7:0 p.m.47 views

CVE-2007-4363

CVE-2007-4363 affects the Drupal Content Construction Kit (CCK) nodereference module. The vulnerability exists in nodereference fields when using (1) the plain formatter or (2) the autocomplete text field widget without Views.module, allowing remote attackers to inject arbitrary web script or HTM...

4.3CVSS5.8AI score0.02275EPSS
Exploits0References10Affected Software1
Prion
Prion
added 2006/02/28 11:2 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject arbitrary web script or HTML via the Calendar Text field when a new event is added. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS6AI score0.0118EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/02/28 11:2 a.m.14 views

CVE-2006-0924

Cross-site scripting XSS vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject arbitrary web script or HTML via the Calendar Text field when a new event is added. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

4.3CVSS5.5AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/02/28 11:0 a.m.20 views

CVE-2006-0924

Cross-site scripting XSS vulnerability in Brown Bear iCal 3.10 allows remote attackers to inject arbitrary web script or HTML via the Calendar Text field when a new event is added. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5.5AI score0.0118EPSS
Exploits0References5
CVE
CVE
added 2006/02/28 11:0 a.m.43 views

CVE-2006-0924

Affected product : Brown Bear iCal 3.10. Vulnerability : Cross-site scripting (XSS) via the Calendar Text field when adding a new event. Impact : remote attackers can inject arbitrary web script or HTML. Root cause : insufficient sanitization/input handling in the Calendar Text field. Exploitatio...

4.3CVSS5.5AI score0.0118EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder