Lucene search
K

8 matches found

OSV
OSV
added 2026/05/10 5:16 a.m.5 views

UBUNTU-CVE-2026-7568

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 3:27 a.m.22 views

CVE-2026-6735 XSS within PHP-FPM status endpoint

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.7 views

SUSE CVE-2014-1556

Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library...

9.3CVSS9.3AI score0.03758EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.4 views

SUSE CVE-2014-1561

Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during 1 page, 2 panel, or 3 toolbar customization...

5.8CVSS8.8AI score0.02138EPSS
Exploits0References6
OSV
OSV
added 2022/07/17 11:15 p.m.5 views

UBUNTU-CVE-2022-31213

An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file...

7.5CVSS7.1AI score0.01749EPSS
Exploits3References3
CNNVD
CNNVD
added 2022/05/11 12:0 a.m.6 views

LiteSpeed QUIC 代码问题漏洞

LiteSpeed QUIC LSQUIC is an open source implementation of QUIC and HTTP/3 functionality for servers and clients from LiteSpeed USA. A security vulnerability exists in LiteSpeed QUIC versions prior to 31.0 that stems from liblsquic/lsquicqenchdl.c incorrectly handling MAXTABLECAPACITY...

9.8CVSS8.3AI score0.03246EPSS
Exploits0References4
OSV
OSV
added 2014/10/14 12:0 a.m.2 views

UBUNTU-CVE-2014-1574

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown...

7.5CVSS7.2AI score0.03897EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/07/22 6:20 p.m.7 views

Mozilla: Use-after-free with FireOnStateChange event (MFSA 2014-61)

Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event...

9.3CVSS7.3AI score0.04907EPSS
Exploits0References5
Rows per page
Query Builder