Lucene search
K

43 matches found

CNNVD
CNNVD
added 2026/03/04 12:0 a.m.12 views

erase-install 安全漏洞

erase-install is a macOS system reinstallation and upgrade script developed by Graham Pugh. Versions of erase-install prior to v40.4 contained security vulnerabilities; these vulnerabilities stemmed from the practice of writing credential outputs into hardcoded paths, which could allow unverified...

6.6CVSS5.8AI score0.00241EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7473

Name of the Vulnerable Software and Affected Versions cryptography versions prior to 46.0.5 Description The public key from numbers or EllipticCurvePublicNumbers.public key, EllipticCurvePublicNumbers.public key, load der public key, and load pem public key functions do not validate that the...

8.2CVSS5.3AI score0.00341EPSS
Exploits0References363
RedHat Linux
RedHat Linux
added 2026/01/05 1:39 a.m.6 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00422EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-21706

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description An issue exists due to incorrect boundary conditions withi...

10CVSS5.1AI score0.00625EPSS
Exploits2References262
RedHat Linux
RedHat Linux
added 2025/12/09 7:56 a.m.5 views

firefox: thunderbird: Spoofing issue in Firefox

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in Firefox...

3.4CVSS5.7AI score0.00226EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-45085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS...

6.1CVSS6.4AI score0.01485EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-3679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service...

9.3CVSS7.2AI score0.01218EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.6 views

WebCatalog Security Vulnerabilities

WebCatalog is a desktop application from WebCatalog, Inc. that improves workflow and increases productivity. A security vulnerability exists in WebCatalog versions prior to 49.0 that stems from not validating whether a URL is used for an http or https resource...

8.8CVSS6.7AI score0.01418EPSS
Exploits4References5
Positive Technologies
Positive Technologies
added 2023/09/27 12:0 a.m.6 views

PT-2023-28296 · Electron +1 · Electron +1

Name of the Vulnerable Software and Affected Versions: WebCatalog versions prior to 49.0 Description: The issue arises from WebCatalog calling the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances. This leads to incorrect...

8.8CVSS8.6AI score0.01418EPSS
Exploits4References8
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.6 views

PT-2023-21489 · Ibm · Bigfix Webui

Name of the Vulnerable Software and Affected Versions: BigFix WebUI Software Distribution interface site versions prior to 44 Description: A cross-site request forgery issue in the BigFix WebUI Software Distribution interface site allows an NMO attacker to access files on server-side systems,...

6.5CVSS6.4AI score0.00143EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.3 views

SUSE CVE-2014-7934

Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures...

7.5CVSS9.6AI score0.01746EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.2 views

SUSE CVE-2015-4473

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

10CVSS9.4AI score0.06963EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.1 views

SUSE CVE-2015-4479

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data...

10CVSS9AI score0.09027EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.6 views

SUSE CVE-2015-6783

The FindStartOffsetOfFileInZipFile function in crazylinkerzip.cpp in crazylinker aka Crazy Linker in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP...

4.3CVSS8.8AI score0.01233EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.4 views

SUSE CVE-2015-7203

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font-family name...

10CVSS7.6AI score0.04318EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.4 views

SUSE CVE-2016-1613

Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destructi...

7.6CVSS9.5AI score0.01092EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:7 a.m.5 views

SUSE CVE-2016-1943

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method...

4.7CVSS6.8AI score0.00959EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.4 views

SUSE CVE-2016-5261

Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR 45.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted packets that trigger incorrect buffer-resize operations durin...

8.8CVSS8AI score0.04178EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5280

Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via bidirectional text...

9.8CVSS8AI score0.05037EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

8.8CVSS9.3AI score0.02414EPSS
Exploits0References11
Rows per page
Query Builder