Lucene search
K

7 matches found

Cvelist
Cvelist
added 2026/05/18 7:0 p.m.29 views

CVE-2026-45245 Summarize < 0.15.1 Unauthorized Daemon Request via Untrusted Events

Summarize prior to 0.15.1 contains a vulnerability in the hover summary feature that allows malicious pages to dispatch synthetic mouseover events over attacker-controlled links, causing the extension to make authenticated daemon requests using stored tokens without verifying event trustworthines...

7.4CVSS0.0033EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/25 11:47 p.m.6 views

Insufficient Verification of Data Authenticity

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the cron process. An attacker can cause untrusted events to be labeled as trusted system events by triggering isolated cron agent runs...

6.3CVSS5.4AI score0.00151EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.2 views

SUSE CVE-2005-2260

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be...

7.5CVSS6.6AI score0.03264EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/11/11 12:0 a.m.4 views

PT-2022-26135 · Matrix · Element Ios

Name of the Vulnerable Software and Affected Versions: Element iOS versions prior to 1.9.7 Description: The issue affects the Element iOS client, which is based on MatrixSDK. Prior to version 1.9.7, events encrypted using Megolm for which trust could not be established did not get decorated...

6.5CVSS6.2AI score0.0041EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2011/04/29 3:14 a.m.7 views

Mozilla untrusted events can trigger autocomplete popup (MFSA 2011-14)

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls...

5CVSS7.4AI score0.02175EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2005/07/22 10:41 a.m.4 views

security flaw

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be...

7.5CVSS5.8AI score0.03264EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/07/21 10:14 a.m.7 views

security flaw

The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dangerous actions that normally could only be...

7.5CVSS5.8AI score0.03264EPSS
Exploits0References4
Rows per page
Query Builder