Lucene search
+L

169 matches found

OSV
OSV
added 2018/09/03 7:29 p.m.24 views

PYSEC-2018-16

An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS...

6.1CVSS2AI score0.01327EPSS
Exploits1References4
CVE
CVE
added 2018/09/03 7:0 p.m.73 views

CVE-2018-16405

The CVE-2018-16405 issue affects Mayan EDMS prior to 3.0.2, where the Appearance app directly uses window.location, causing cross-site scripting (XSS). The vulnerability enables attacker-controlled navigation or script execution related to insufficient input sanitization in the Appearance compone...

6.1CVSS6AI score0.01327EPSS
Exploits1References3Affected Software1
Circl
Circl
added 2017/09/08 11:52 p.m.6 views

CVE-2017-5033

creationtimestamp| type| source ---|---|--- 2017-09-08 23:52:11+00:00| seen| https://t.me/BleepingComputer/1694...

4.3CVSS6.3AI score0.01472EPSS
Exploits1References1
Prion
Prion
added 2016/07/28 4:59 p.m.20 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add new repository proxy connectors via the token parameter to admin/addProxyConnectorcommit.action, 2 new...

6.8CVSS7.7AI score0.07863EPSS
Exploits7References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.8 views

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

The Google Chrome browser contains a vulnerability related to the use of memory after its release use-after-free error in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink. Exploiting this vulnerability allows malicious actors to cause service failures or...

7.5CVSS7.7AI score0.01574EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2016/03/27 8:13 p.m.11 views

6 Charged for Hacking Lottery Terminals to Produce More Winning Tickets

Police have arrested and charged six people with crimes linked to hacking Connecticut state lottery terminals in order to produce more winning tickets than usual. Prosecutors say all the six suspects are either owners or employees of retail stores that produced a much higher number of winning...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2016/03/16 12:0 a.m.25 views

Litecart CMS 1.3.4 Cross Site Scripting

Product: Litecart CMS Vendor: Litecart Vendor Homepage: https://www.litecart.net/ Vulnerable Versions: 1.3.4 and probably prior Tested Version: 1.3.4 Issue Reported: Feb 24, 2016 Vendor Fix: Feb 28, 2016 Public Disclosure: June 25, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level:...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.19 views

openSUSE Security Update : ibus (openSUSE-SU-2013:1686-1)

This is an additional fix patch for ibus to avoid the wrong IBus.InputPurpose.PASSWORD advertisement, which leads to the password text appearance on GNOME3 lockscreen bnc847718 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

1.9CVSS5.3AI score0.00341EPSS
Exploits0References3
OSV
OSV
added 2014/05/14 12:0 a.m.6 views

UBUNTU-CVE-2014-1742

Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper...

7.5CVSS7.4AI score0.01574EPSS
Exploits0References6
Cisco Threats
Cisco Threats
added 2014/05/08 8:44 p.m.15 views

Threat Outbreak Alert: Fake Court Apperance Notice Email Messages on May 13, 2014

Medium Alert ID: 34172 First Published: 2014 May 8 20:44 GMT Last Updated: 2014 May 14 13:17 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a court appearance notice for the recipient. The text in the email message...

0.3AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/01/14 3:46 p.m.8 views

Threat Outbreak Alert: Fake Court Appearance Request Email Messages on January 22, 2014

Medium Alert ID: 32426 First Published: 2014 January 14 15:46 GMT Last Updated: 2014 January 24 12:42 GMT Version: 5 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a court appearance notice for the recipient. The text in the email...

0.6AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/01/02 2:31 p.m.10 views

Threat Outbreak Alert: Fake Court Appearance Request Email Messages on June 14, 2014

Medium Alert ID: 32285 First Published: 2014 January 2 14:31 GMT Last Updated: 2014 June 16 13:59 GMT Version: 19 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a court appearance notice for the recipient. The text in the email messag...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/03/12 7:57 a.m.8 views

Kevin Mitnick's website open to Cross-Site Scripting ( XSS ) vulnerability

Kevin Mitnick's website open to Cross-Site Scripting XSS vulnerability Cross-Site Scripting XSS vulnerability discovered in official website of Kevin Mitnick one of the most talented hackers, and the one one most prosecuted by the state. Mitnick's hacker handle was "Condor". He became the first...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2011/04/08 8:42 p.m.14 views

DerbyCon Security Conference 2011

We are happy to announce that Offensive Security will be sponsoring DerbyCon. DerbyCon is a new hacker conference located in Louisville Kentucky. Our goal is to bring back an old style, community driven hacker con chocked full of amazing talks, live events and all around fun. The idea for DerbyCo...

6.5AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/14 12:0 a.m.19 views

Real-Time ASP Calendar SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

0.4AI score
Exploits0
Fedora
Fedora
added 2010/05/25 6:40 p.m.11 views

[SECURITY] Fedora 12 Update: html2ps-1.0-0.4.b5.fc12

An HTML to PostScript converter written in Perl. Many possibilities to control the appearance. Support for processing multiple documents. A table of contents can be generated. Configurable page headers/footers. Automatic hyphenation and text justification can be selected...

0.6AI score
Exploits0
Fedora
Fedora
added 2010/05/25 6:37 p.m.14 views

[SECURITY] Fedora 11 Update: html2ps-1.0-0.3.b5.fc11

An HTML to PostScript converter written in Perl. Many possibilities to control the appearance. Support for processing multiple documents. A table of contents can be generated. Configurable page headers/footers. Automatic hyphenation and text justification can be selected...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2010/05/17 4:8 p.m.7 views

The Coming Wave of Mobile Attacks

The pace of innovation on mobile phones and other smart wireless devices has accelerated greatly in the last few years, adding features, speed and computing power. But now the attackers are beginning to outstrip the good guys on mobile platforms, developing innovative new attacks and methods for...

0.7AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2010/04/20 3:54 p.m.6 views

scsi-target-utils: format string vulnerability

Multiple format string vulnerabilities in isns.c in 1 Linux SCSI target framework aka tgt or scsi-target-utils 1.0.3, 0.9.5, and earlier and 2 iSCSI Enterprise Target aka iscsitarget 0.4.16 allow remote attackers to cause a denial of service tgtd daemon crash or possibly have unspecified other...

5CVSS6AI score0.03381EPSS
Exploits0References4
NVD
NVD
added 2010/04/08 5:30 p.m.15 views

CVE-2010-0743

Multiple format string vulnerabilities in isns.c in 1 Linux SCSI target framework aka tgt or scsi-target-utils 1.0.3, 0.9.5, and earlier and 2 iSCSI Enterprise Target aka iscsitarget 0.4.16 allow remote attackers to cause a denial of service tgtd daemon crash or possibly have unspecified other...

5CVSS7.4AI score0.03381EPSS
Exploits0References13
Rows per page
Query Builder