Lucene search
K

43 matches found

Veracode
Veracode
added 2026/04/04 5:30 a.m.8 views

Cross-Origin Data Theft

Glances is vulnerable to Cross-Origin Data Theft via XML-RPC Server CORS Misconfiguration. The vulnerability is due to the XML-RPC handler not validating the Content-Type header, where an attacker-controlled webpage can issue a CORS simple request containing a valid XML-RPC payload, and the serve...

7.1CVSS5.7AI score0.00409EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/18 4:31 p.m.9 views

CVE-2026-32610 Glances's Default CORS Configuration Allows Cross-Origin Credential Theft

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, the Glances REST API web server ships with a default CORS configuration that sets alloworigins="" combined with allowcredentials=True. When both of these options are enabled together, Starlette's CORSMiddlewa...

8.1CVSS5.7AI score0.00339EPSS
Exploits1References3
OSV
OSV
added 2026/03/16 4:32 p.m.5 views

GHSA-9JFM-9RC6-2HFQ Glances's Default CORS Configuration Allows Cross-Origin Credential Theft

Summary The Glances REST API web server ships with a default CORS configuration that sets alloworigins="" combined with allowcredentials=True. When both of these options are enabled together, Starlette's CORSMiddleware reflects the requesting Origin header value in the Access-Control-Allow-Origin...

8.1CVSS5.8AI score0.00339EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : thunderbird-60.7.0-1.AXS4 (AXSA:2019-3898:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3898:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 Mozilla: Cross-origin theft of images with createImageBitmap...

9.8CVSS7.5AI score0.09393EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.7 views

Mozilla Firefox ESR < 60.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-21 advisory. - A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by...

9.8CVSS7.4AI score0.03662EPSS
Exploits4References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-10224

Malware in sbrugna...

6.5CVSS7.7AI score0.0105EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-18499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http- equiv=refresh on a page to cause a redirection to another...

6.5CVSS7.2AI score0.0105EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.5 views

Imagination Security Breach

Imagination is a chip from Imagination. A security vulnerability exists in Imagination 2018 and prior versions, which stems from a software-transparent compression provided by PVRIC on GPU devices, which can be exploited for cross-origin pixel stealing attacks against feTurbulence and feBlend in...

5.3CVSS6.8AI score0.01809EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.24 views

Mozilla Firefox Security Advisory (MFSA2019-04) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

8.8CVSS7.4AI score0.0313EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.244 views

CentOS 8 : thunderbird (CESA-2019:1308)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:1308 advisory. - mozilla: Cross-origin theft of images with ImageBitmapRenderingContext CVE-2018-18511 - Mozilla: Use-after-free in XMLHttpRequest CVE-2019-11691 -...

9.8CVSS7.4AI score0.09393EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2019/06/11 12:0 a.m.36 views

CentOS 7 : thunderbird (CESA-2019:1309)

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS7.4AI score0.09393EPSS
Exploits3References13
Cent OS
Cent OS
added 2019/06/10 10:49 p.m.88 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:1310 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.8CVSS6.8AI score0.09393EPSS
Exploits3References7
Cent OS
Cent OS
added 2019/06/10 10:30 p.m.87 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:1309 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.8CVSS6.8AI score0.09393EPSS
Exploits3References7
Mageia
Mageia
added 2019/06/10 7:17 p.m.54 views

Updated firefox packages fix security vulnerabilities

Updated firefox packages fix security vulnerabilities. Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with createImageBitmap...

9.8CVSS0.2AI score0.09393EPSS
Exploits4References3
Mageia
Mageia
added 2019/06/10 7:17 p.m.49 views

Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fixes bugs and security vulnerabilities: Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with...

9.8CVSS0.3AI score0.09393EPSS
Exploits4References4
OSV
OSV
added 2019/06/10 7:17 p.m.11 views

MGASA-2019-0190 Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fixes bugs and security vulnerabilities: Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with...

9.8CVSS7.1AI score0.09393EPSS
Exploits4References5
OSV
OSV
added 2019/06/10 7:17 p.m.9 views

MGASA-2019-0191 Updated firefox packages fix security vulnerabilities

Updated firefox packages fix security vulnerabilities. Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with createImageBitmap...

9.8CVSS7.2AI score0.09393EPSS
Exploits4References4
OSV
OSV
added 2019/06/10 9:32 a.m.9 views

OPENSUSE-SU-2019:1534-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to 60.7.0esr boo1135824 MFSA 2019-14: CVE-2018-18511: Cross-origin theft of images with ImageBitmapRenderingContext CVE-2019-11691: Use-after-free in XMLHttpRequest CVE-2019-11692: Use-after-free removing...

9.8CVSS7.6AI score0.09393EPSS
Exploits4References19
Tenable Nessus
Tenable Nessus
added 2019/06/05 12:0 a.m.38 views

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190604)

Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 - Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9797 - Mozilla: Stealing of cross-domain images using canvas CVE-2019-9817 - Mozilla: Compartment mismatch with fetch API...

9.8CVSS7.3AI score0.09393EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2019/06/05 12:0 a.m.38 views

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190604)

Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 - Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9797 - Mozilla: Stealing of cross-domain images using canvas CVE-2019-9817 - Mozilla: Compartment mismatch with fetch API...

9.8CVSS7.3AI score0.09393EPSS
Exploits3References13
Rows per page
Query Builder