Lucene search
K

87 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.10 views

Siemens Teamcenter PDF.js Arbitrary Code Execution (SSA-827383)

The version of Siemens Teamcenter installed on the remote host is affected by a vulnerability: - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. CVE-2024-4367 Note that Nessus has not tested for this issue but has...

8.8CVSS7.6AI score0.72648EPSS
Exploits15References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/22 11:13 a.m.7 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in pdfjs-dist-2.4.456.tgz

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in pdfjs-dist-2.4.456.tgz Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js...

8.8CVSS8.7AI score0.72648EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/16 12:29 p.m.5 views

Security Bulletin: IBM ICCSAP cross site scripting vulnerablity fix.

Summary Vulnerability were disclosed part of Cross Site Scripting With PDF Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox 126,...

8.8CVSS7.8AI score0.72648EPSS
Exploits15Affected Software2
GithubExploit
GithubExploit
added 2025/06/28 5:46 p.m.304 views

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CVE-2024-4367 POC for PDF.js POC for PDF.js' CVE-2024-4367 vu...

8.8CVSS8.4AI score0.72648EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: firefox (TSSA-2024:0240)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0240 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS8.2AI score0.72648EPSS
Exploits18References7
GithubExploit
GithubExploit
added 2025/05/16 7:19 a.m.211 views

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

!IMPORTANT This repository is designed for learning about vu...

8.8CVSS7.3AI score0.72648EPSS
Exploits15
Exploit DB
Exploit DB
added 2025/04/22 12:0 a.m.240 views

Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution

Exploit Title: Firefox ESR 115.11 - Arbitrary JavaScript execution in PDF.js Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

8.8CVSS7.4AI score0.72648EPSS
Exploits15
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 11:3 p.m.35 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Mozilla Firefox arbitrary code execution vulnerability [CVE-2024-4367]

Summary Potential Mozilla Firefox arbitrary code execution vulnerability CVE-2024-4367 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-436...

8.8CVSS7.7AI score0.72648EPSS
Exploits15Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.23 views

Atlassian Confluence 3.0.x < 7.19.25 / 7.20.x < 8.5.11 / 8.6.x < 8.9.3 (CONFSERVER-98205)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98205 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability...

8.8CVSS8.8AI score0.72648EPSS
Exploits15References2
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2024:1858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.3AI score0.72648EPSS
Exploits18References4
Patchstack
Patchstack
added 2024/08/12 12:0 a.m.18 views

WordPress DearFlip Plugin <= 2.2.55 is vulnerable to Cross Site Scripting (XSS)

Software DearFlip Type Plugin Vulnerable versions = 2.2.55 Fixed in 2.2.56 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8b20eae5d21 Credits m3ez Required...

6.5AI score0.72648EPSS
Exploits15References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/08 12:0 a.m.23 views

Debian dsa-5742 : odoo-14 - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5742 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5742-1 [email protected] https://www.debian.org/security/...

8.8CVSS8.6AI score0.72648EPSS
Exploits15References4
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.18 views

WordPress PDF Viewer for Elementor Plugin <= 2.9.3 is vulnerable to Cross Site Scripting (XSS)

Software PDF Viewer for Elementor Type Plugin Vulnerable versions = 2.9.3 Fixed in N/A OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID 769c101f6b45 Credits Yudistira...

6.6AI score0.72648EPSS
Exploits15References1Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.22 views

WordPress PDF.js Viewer Plugin <= 2.1.8.1 is vulnerable to Cross Site Scripting (XSS)

Software PDF.js Viewer Type Plugin Vulnerable versions = 2.1.8.1 Fixed in 2.2 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8e9d442ad86 Credits Yudistira Arya...

6.6AI score0.72648EPSS
Exploits15References2Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.18 views

WordPress PDF Embedder Plugin <= 4.7.1 is vulnerable to Cross Site Scripting (XSS)

Software PDF Embedder Type Plugin Vulnerable versions = 4.7.1 Fixed in 4.8.0 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7794a505b744 Credits m3ez Required...

6.6AI score0.72648EPSS
Exploits15References2Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.21 views

WordPress ARI Fancy Lightbox Plugin <= 1.3.14 is vulnerable to Cross Site Scripting (XSS)

Software ARI Fancy Lightbox Type Plugin Vulnerable versions = 1.3.14 Fixed in 1.3.15 OWASP Top 10 A6: Vulnerable and Outdated Components Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID c2fee65eb87c Credits Yudistira...

6.5AI score0.72648EPSS
Exploits15References2Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.17 views

WordPress Wonder PDF Embed Plugin <= 2.7 is vulnerable to Cross Site Scripting (XSS)

Software Wonder PDF Embed Type Plugin Vulnerable versions = 2.7 Fixed in 2.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID 563e16943dd0 Credits Yudistira Arya Required privilege Author...

6.9AI score0.72648EPSS
Exploits15References2Affected Software1
Patchstack
Patchstack
added 2024/06/27 12:0 a.m.18 views

WordPress EmbedPress Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software EmbedPress Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4367 Patch priority Low CVSS severity Low 4 Developer Claim ownership PSID 86a2108fb08b Credits Yudistira Arya Required privilege...

6.9AI score0.72648EPSS
Exploits15References2Affected Software1
OSV
OSV
added 2024/06/14 1:59 p.m.21 views

RLSA-2024:3784 Moderate: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fixes: firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox: Potential...

8.8CVSS8.5AI score0.72648EPSS
Exploits18References7
OSV
OSV
added 2024/06/14 1:59 p.m.26 views

RLSA-2024:3783 Moderate: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fixes: firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsi...

8.8CVSS8.6AI score0.72648EPSS
Exploits18References7
Rows per page
Query Builder