Lucene search
K

10 matches found

The Hacker News
The Hacker News
added 2023/04/19 4:53 a.m.98 views

Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution

A fresh round of patches has been made available for the vm2 JavaScript library to address two critical flaws that could be exploited to break out of sandbox protections and achieve code execution. Both the flaws – CVE-2023-29199 and CVE-2023-30547 – are rated 9.8 out of 10 on the CVSS scoring...

10CVSS10.2AI score0.72087EPSS
Exploits9
The Hacker News
The Hacker News
added 2023/04/08 5:4 a.m.60 views

Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from Sout...

10CVSS10.1AI score0.63186EPSS
Exploits3
Rockylinux
Rockylinux
added 2019/05/13 10:43 a.m.36 views

python-jinja2 security update

An update is available for python-jinja2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-jinja2 package contains Jinja2, a template engine written in...

8.6CVSS1.3AI score0.03603EPSS
Exploits1
Packet Storm
Packet Storm
added 2015/11/17 12:0 a.m.79 views

Ebay Magento Commerce Cross Site Scripting

Document Title: =============== Magento Bug Bounty 22 - Profile Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1636 Magento Security ID: APPSEC-1121 Release Date: ============= 2015-11-06 Vulnerability Laboratory ID VL-ID:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2012/05/09 12:0 a.m.57 views

Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2029 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...

10CVSS1.6AI score0.06321EPSS
Exploits0
securityvulns
securityvulns
added 2011/02/22 12:0 a.m.58 views

Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability Advisory ID: cisco-sa-20110216-csa Revision 1.0 For Public Release 2011 February 16 1600 UTC GMT...

10CVSS0.1AI score0.19617EPSS
Exploits9
securityvulns
securityvulns
added 2010/11/09 12:0 a.m.75 views

Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978

Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Spree e-commerce JSON Hijacking Vulnerabilities CVE-2010-3978 INTRODUCTI...

5CVSS6.3AI score0.02534EPSS
Exploits1
securityvulns
securityvulns
added 2010/08/30 12:0 a.m.52 views

Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100825-cup Revision 1.0 For Public Release 2010 August 25 1600 UTC GMT +---------------------------------------------------------------------...

7.8CVSS0.2AI score0.0122EPSS
Exploits0
securityvulns
securityvulns
added 2010/08/26 12:0 a.m.48 views

Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2868

I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2010-2868...

9.3CVSS0.6AI score0.04674EPSS
Exploits0
securityvulns
securityvulns
added 2010/08/11 12:0 a.m.53 views

Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerability - CVE-2010-1903

Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerabilit...

9.3CVSS0.1AI score0.19399EPSS
Exploits0
Rows per page
Query Builder