Lucene search
K

120 matches found

Kitploit
Kitploit
added 2021/03/30 8:30 p.m.43 views

ClearURLs - An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy

ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Internet, which is regularly updated by us and can be...

7.3AI score
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2020/10/26 12:0 a.m.41 views

openSUSE Security Update : opera (openSUSE-2020-1713)

This update for opera fixes the following issues : opera was updated to version 71.0.3770.228 - DNA-87466 Hide extensions icon is black in dark theme - DNA-88580 Implement searchintabs telemetry benchmark - DNA-88591 Allow to scroll down the Keyboards Shortcuts section with URL - DNA-88693 Random...

9.6CVSS6.8AI score0.03291EPSS
Exploits6References14
OSV
OSV
added 2020/09/03 7:14 p.m.12 views

GHSA-XWG3-GJXH-C8PM Malicious Package in ngx-context-menu

Version 0.0.26 of ngx-context-menu contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

7.2AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 7:14 p.m.27 views

Malicious Package in ngx-context-menu

Version 0.0.26 of ngx-context-menu contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

7AI score
Exploits0References2Affected Software1
Kitploit
Kitploit
added 2020/05/05 12:30 p.m.54 views

Generator-Burp-Extension - Everything You Need About Burp Extension Generation

Everything You Need About Burp Extension Generation Installation First, install Yeoman and generator-burp-extension using npm we assume you have pre-installed node.js. npm install -g yo npm install -g generator-burp-extension Then generate your new project: yo burp-extension Burp Extension featur...

7.2AI score
Exploits0References6
Microsoft KB
Microsoft KB
added 2020/04/14 7:0 a.m.53 views

Description of the security update for SharePoint Foundation 2010: April 14, 2020

Description of the security update for SharePoint Foundation 2010: April 14, 2020 Summary This security update resolves remote code execution vulnerabilities that exist in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about these...

8.8CVSS6.6AI score0.1318EPSS
Exploits0
OSV
OSV
added 2019/08/05 6:15 p.m.2 views

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

6.1CVSS6.4AI score
Exploits0References2
NVD
NVD
added 2019/08/05 6:15 p.m.13 views

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

6.1CVSS6.1AI score0.0108EPSS
Exploits0References2
Prion
Prion
added 2019/08/05 6:15 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

4.3CVSS6AI score0.0108EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/05 5:13 p.m.17 views

CVE-2019-11198

Multiple cross-site scripting XSS vulnerabilities in Sitecore CMS 9.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 300583 - List Manager Dashboard module, 2 307638 - Campaign Creator module, 3 316994 - Attributes field, 4 I316995 - Icon Selection module, 5...

6.1AI score0.0108EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 4:42 a.m.26 views

Cross Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...

10CVSS8.2AI score0.73327EPSS
Exploits5References23Affected Software2
Veracode
Veracode
added 2019/05/02 4:42 a.m.25 views

Clickjacking Attack

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...

10CVSS8.2AI score0.73327EPSS
Exploits5References29Affected Software3
Veracode
Veracode
added 2019/05/02 4:42 a.m.27 views

Denial Of Service (DoS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1948,...

10CVSS8.2AI score0.73327EPSS
Exploits5References29Affected Software3
Hacker One
Hacker One
added 2019/02/17 4:0 p.m.37 views

Notepad++: Command injection by setting a custom search engine

Summary: Arbitrary commands can be injected when using the "Search on Internet" function with a malicious custom search engine. The custom search engine can be set through the GUI or the config files, with different attack scenarios. Description: The "Search on Internet" context menu functionalit...

Exploits0
Microsoft KB
Microsoft KB
added 2018/08/14 7:0 a.m.312 views

Description of the security update for SharePoint Enterprise Server 2016: August 14, 2018

None None...

5.5CVSS6.5AI score0.08247EPSS
Exploits0
Prion
Prion
added 2018/03/11 5:29 a.m.16 views

Code injection

The Password Manager Extension in Abine Blur 7.8.242 before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured...

5CVSS9.1AI score0.01663EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/03/11 5:0 a.m.17 views

CVE-2018-7213

The Password Manager Extension in Abine Blur 7.8.242 before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured...

9.3AI score0.01663EPSS
Exploits0References4
OSV
OSV
added 2017/05/22 7:29 p.m.5 views

UBUNTU-CVE-2017-9149

Metadata Anonymisation Toolkit MAT 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted...

7.5CVSS5.8AI score0.01796EPSS
Exploits0References3
CNVD
CNVD
added 2015/05/14 12:0 a.m.5 views

Mozilla Firefox referrer policy bypass vulnerability

Mozilla Firefox is a popular open source WEB browser. When opening links via mid-click and context menus, Mozilla Firefo fails to properly enforce referer policies when handling meta tags, allowing remote attackers to perform unauthorized actions bypassing security restrictions...

4.3CVSS6.7AI score0.01904EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2015/05/13 12:0 a.m.31 views

CVE-2015-2711

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a UR...

4.3CVSS7.2AI score0.01904EPSS
Exploits0References3
Rows per page
Query Builder