Lucene search
K

1265 matches found

Cvelist
Cvelist
added 2007/03/05 10:0 p.m.34 views

CVE-2007-0714

Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted QuickTime movie with a User Data Atom UDTA with an Atom size field with a large value...

7.5AI score0.08167EPSS
Exploits1References16
NVD
NVD
added 2007/02/06 7:28 p.m.19 views

CVE-2007-0791

Cross-site scripting XSS vulnerability in Atom feeds in Bugzilla 2.20.3, 2.22.1, and 2.23.3, and earlier versions down to 2.20.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01188EPSS
Exploits0References9
Prion
Prion
added 2007/02/06 7:28 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in Atom feeds in Bugzilla 2.20.3, 2.22.1, and 2.23.3, and earlier versions down to 2.20.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01188EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2007/02/06 7:0 p.m.26 views

CVE-2007-0791

Cross-site scripting XSS vulnerability in Atom feeds in Bugzilla 2.20.3, 2.22.1, and 2.23.3, and earlier versions down to 2.20.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01188EPSS
Exploits0References9
CVE
CVE
added 2007/02/06 7:0 p.m.60 views

CVE-2007-0791

CVE-2007-0791 is a cross-site scripting (XSS) vulnerability in Bugzilla’s Atom feeds affecting Bugzilla versions 2.20.3, 2.22.1, 2.23.3, and older releases back to 2.20.1. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors within Atom feeds. The conne...

4.3CVSS5.7AI score0.01188EPSS
Exploits0References9Affected Software1
Packet Storm
Packet Storm
added 2007/01/02 12:0 a.m.19 views

simplog0932.txt

Afected Software: simplog up to 0.9.3.2 latest version - 12/05/2006 Site: http://www.simplog.org Simplog provides an easy way for users to add blogging capabilities to their existing websites. Simplog is written in PHP and compatible with multiple databases. Simplog also features an RSS/Atom...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/09/20 12:0 a.m.12 views

RSSOwl < 1.2.3 Atom Feed XSS

Binary data 3746.prm...

4.3CVSS7.3AI score0.01321EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2006/09/20 12:0 a.m.25 views

FeedDemon < 2.0.0.25 Atom Feed Active Script Code Execution

According to the Windows registry, the version of FeedDemon, an RSS reader for Windows, installed on the remote host is affected by a flaw due to improper sanitization of RSS feeds of Active Script code. An attacker can exploit this issue to inject arbitrary script into the affected application,...

4.3CVSS5.6AI score0.01669EPSS
Exploits1References3
NVD
NVD
added 2006/09/13 11:7 p.m.22 views

CVE-2006-4760

Multiple cross-site scripting XSS vulnerabilities in Benjamin Pasero and Tobias Eichert RSSOwl allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite...

4.3CVSS5.6AI score0.01321EPSS
Exploits1References6
Cvelist
Cvelist
added 2006/09/13 11:0 p.m.28 views

CVE-2006-4761

Multiple cross-site scripting XSS vulnerabilities in Luke Hutteman SharpReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite...

5.8AI score0.01172EPSS
Exploits1References5
NVD
NVD
added 2006/09/12 4:7 p.m.17 views

CVE-2006-4711

Multiple cross-site scripting XSS vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

4.3CVSS5.8AI score0.01191EPSS
Exploits1References3
NVD
NVD
added 2006/09/12 4:7 p.m.14 views

CVE-2006-4710

Multiple cross-site scripting XSS vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

4.3CVSS5.8AI score0.01669EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2006/09/12 4:7 p.m.29 views

CVE-2006-4711

Multiple cross-site scripting XSS vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

4.3CVSS5.9AI score0.01191EPSS
Exploits1References1
Cvelist
Cvelist
added 2006/09/12 4:0 p.m.20 views

CVE-2006-4710

Multiple cross-site scripting XSS vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

5.8AI score0.01669EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/09/12 4:0 p.m.17 views

CVE-2006-4711

Multiple cross-site scripting XSS vulnerabilities in Sage allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certain test cases of the James M. Snell Atom 1.0 feed reader test suite...

5.8AI score0.01191EPSS
Exploits1References3
CVE
CVE
added 2006/09/12 4:0 p.m.38 views

CVE-2006-4710

CVE-2006-4710 affects NewsGator FeedDemon prior to 2.0.0.25. The vulnerability is a set of XSS flaws exploited via an Atom 1.0 feed, enabling an attacker to inject arbitrary script/HTML. The issue is demonstrated in test suites and is tied to improper handling of Atom feeds. Impact is the executi...

4.3CVSS5.8AI score0.01669EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2006/09/12 4:0 p.m.52 views

CVE-2006-4711

The Red Hat CVE and related records confirm CVE-2006-4711 affects Sage with an XSS vulnerability exposed via Atom 1.0 feed handling, allowing remote attackers to inject arbitrary script/HTML. The core detail: XSS in Sage’s Atom 1.0 feed processing (as evidenced by Red Hat entry and similarly word...

4.3CVSS5.8AI score0.01191EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2006/06/29 11:5 p.m.28 views

CVE-2006-1467

Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC M4P, M4A, or M4B file with a sample table size STSZ atom with a "malformed" samplesizetable...

5.1CVSS7.4AI score0.06891EPSS
Exploits0References9
Prion
Prion
added 2006/06/29 11:5 p.m.24 views

Integer overflow

Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC M4P, M4A, or M4B file with a sample table size STSZ atom with a "malformed" samplesizetable...

5.1CVSS7.8AI score0.06891EPSS
Exploits0References9Affected Software1
Saint
Saint
added 2006/05/24 12:0 a.m.32 views

QuickTime MOV file udta Atom buffer overflow

Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...

5.1CVSS6.9AI score0.05586EPSS
Exploits4
Rows per page
Query Builder