Lucene search
+L

121 matches found

ptsecurity
ptsecurity
added 2023/06/14 12:0 a.m.6 views

PT-2023-25161 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.399 and earlier, LTS versions 2.387.3 and earlier Description: The issue arises when POST requests are sent to load the list of context actions. If part of the URL includes insufficiently escaped user-provided values, a...

8CVSS8AI score0.0086EPSS
Exploits0References11
pentestlab
pentestlab
added 2023/03/13 3:19 p.m.15 views

Persistence – Context Menu

Context menu provides shortcuts to the user in order to perform a number of actions. The context menu is invoked with a right mouse click… Continue reading - Persistence - Context Menu...

7.2AI score
Exploits0
pentestlab
pentestlab
added 2023/03/13 3:19 p.m.23 views

Persistence – Context Menu

Context menu provides shortcuts to the user in order to perform a number of actions. The context menu is invoked with a right mouse click… Continue reading - Persistence - Context Menu...

2.3AI score
Exploits0
susecve
susecve
added 2023/02/15 5:47 a.m.3 views

SUSE CVE-2012-1966

Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS7.9AI score0.02191EPSS
Exploits1References8
susecve
susecve
added 2023/02/15 5:44 a.m.5 views

SUSE CVE-2012-4515

Use-after-free vulnerability in khtml/rendering/renderreplaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by accessing an iframe when it is being updated...

6.8CVSS7.9AI score0.06438EPSS
Exploits6References4
susecve
susecve
added 2023/02/15 5:20 a.m.5 views

SUSE CVE-2015-2711

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a UR...

4.3CVSS8.5AI score0.01904EPSS
Exploits0References4
mskb
mskb
added 2022/10/25 12:0 a.m.6 views

October 25, 2022—KB5018483 (OS Build 22000.1165) Preview

None None...

6.1AI score
Exploits0
opensuse
opensuse
added 2022/07/13 12:0 a.m.63 views

Security update for opera (important)

openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:10057-1 Rating: important References: Cross-References: CVE-2022-2007 CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 CVE-2022-2294 Affected Products: openSUSE Leap 15.3:NonFree openSUSE Leap 15.4:NonFree An update th...

9.3CVSS7AI score0.70461EPSS
Exploits0
snyk
snyk
added 2022/06/23 9:26 a.m.4 views

Malicious Package

Overview @xunlie/vue-context-menu is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7AI score
Exploits0References3
ossf
ossf
added 2022/06/20 8:15 p.m.6 views

Malicious code in @tinkoff-react-bui/context-menu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f239b4e149956ae7fcbe368e6040942fc96e8fd6a13a332a4c1e64cffb9747d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
cnnvd
cnnvd
added 2022/06/06 12:0 a.m.8 views

Google Android 权限许可和访问控制问题漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google Google. Google Android has an elevation of privilege vulnerability that originates in onCreateContextMenu in NetworkProviderSettings.java. Due to a lack of privilege checking, a non-owner user could change...

7.3CVSS5.9AI score0.00111EPSS
Exploits0References6
osv
osv
added 2021/12/08 10:15 p.m.2 views

CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS7.3AI score0.00329EPSS
Exploits0References2
nvd
nvd
added 2021/12/08 10:15 p.m.14 views

CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS0.00329EPSS
Exploits0References2
prion
prion
added 2021/12/08 10:15 p.m.24 views

Design/Logic Flaw

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS4.4AI score0.00528EPSS
Exploits0References2Affected Software1
ubuntucve
ubuntucve
added 2021/12/08 10:15 p.m.34 views

CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS5.8AI score0.00329EPSS
Exploits0References4
osv
osv
added 2021/12/08 10:15 p.m.11 views

UBUNTU-CVE-2021-43532

The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an...

6.1CVSS6.1AI score0.00528EPSS
Exploits0References5
osv
osv
added 2021/12/08 10:15 p.m.10 views

UBUNTU-CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS5.8AI score0.00329EPSS
Exploits0References5
cve
cve
added 2021/12/08 9:20 p.m.89 views

CVE-2021-43532

Summary: CVE-2021-43532 affects Firefox prior to 94 and relates to the Copy Image Link context menu. The bug allowed copying the final image URL after redirects, enabling token theft if a user pasted the URL back into a page and the URL leaked authentication tokens. The underlying issue involved ...

6.1CVSS4.6AI score0.00528EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2021/12/08 9:20 p.m.32 views

CVE-2021-43532

The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an...

6.1CVSS4.9AI score0.00528EPSS
Exploits0
openvas
openvas
added 2021/11/11 12:0 a.m.17 views

Mozilla Firefox Security Advisory (MFSA2015-49) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

4.3CVSS9.5AI score0.01904EPSS
Exploits0References3
Rows per page
Query Builder