Lucene search
K

156 matches found

RedHat Linux
RedHat Linux
added 2012/10/09 10:25 p.m.9 views

Mozilla: top object and location property accessible by plugins (MFSA 2012-82)

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting XSS attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and...

4.3CVSS7.3AI score0.02388EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/06/18 12:0 a.m.36 views

Fedora 15 : java-1.6.0-openjdk-1.6.0.0-65.1.10.8.fc15 (2012-9541)

Security fixes S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel...

10CVSS8AI score0.93688EPSS
Exploits9References1
Prion
Prion
added 2012/01/18 8:55 p.m.28 views

Null pointer dereference

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

5CVSS7.1AI score0.122EPSS
Exploits9References9Affected Software1
UbuntuCve
UbuntuCve
added 2012/01/18 12:0 a.m.41 views

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

5CVSS7.2AI score0.122EPSS
Exploits9References2
0day.today
0day.today
added 2012/01/14 12:0 a.m.76 views

PHP 5.3.8 Multiple Vulnerabilities

Exploit for multiple platform in category dos / poc PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with...

7.1AI score0.122EPSS
Exploits9
RedHat Linux
RedHat Linux
added 2009/07/22 12:27 a.m.3 views

Mozilla remote code execution using watch and __defineSetter__ on SVG element

Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an defineSetter function, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted documen...

10CVSS6.3AI score0.05557EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2009/06/16 12:0 a.m.8 views

PT-2009-4529 · Drupal · Drupal Views

Name of the Vulnerable Software and Affected Versions: Drupal Views module versions prior to 6.x-2.6 Description: A cross-site scripting XSS issue allows remote authenticated users to inject arbitrary web script or HTML via exposed filters in the Views UI administrative interface and the view nam...

3.5CVSS5.1AI score0.00896EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2009/03/05 12:10 a.m.7 views

Firefox 3 crashes in the JavaScript engine

The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pas...

10CVSS7.8AI score0.05789EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/11/12 5:23 p.m.6 views

security flaw

The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory vi...

4.3CVSS5.9AI score0.03798EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/10/28 2:29 p.m.6 views

security flaw

The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory vi...

4.3CVSS5.9AI score0.03798EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2007/05/17 12:0 a.m.34 views

Low: sendmail security and bug fix update

8.13.1-3.2.el4 - fixed infinite loop within tls read by enabling FFRDEALWITHERRORSSL Resolves: rhbz121850 - fixed incorrect path to selinuxenabled in initscript Resolves: rhbz152282 - removed rpm build artifacts from sendmail-cf package Resolves: rhbz152955 - fixed missing socketmap support...

4.3CVSS1.7AI score0.01986EPSS
Exploits0
seebug.org
seebug.org
added 2007/01/20 12:0 a.m.16 views

Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability

No description provided by source. ====================================================================== Bradabra == v2.0.5 Remote File Include Vulnerability ====================================================================== Downlaoad Script :ftp://ftp1.comscripts.com/PHP/773bradabra-205.gz...

7.1AI score
Exploits0
Prion
Prion
added 2007/01/09 2:28 a.m.23 views

Heap overflow

Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table DHT marker...

9.3CVSS8.2AI score0.10966EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2007/01/09 2:0 a.m.60 views

CVE-2007-0126

CVE-2007-0126 concerns Opera 9.02 where a heap-based overflow in processing a JPEG Define Huffman Table (DHT) marker can allow remote code execution. Connected advisories alsoreference CVE-2007-0127 related to a typecasting issue in Opera’s SVG handling. Mitigation documented in GLSA 200701-08 an...

9.3CVSS7.7AI score0.10966EPSS
Exploits0References11Affected Software1
exploitpack
exploitpack
added 2007/01/08 12:0 a.m.35 views

Opera 9.10 - .jpg Image DHT Marker Heap Corruption

Opera 9.10 - .jpg Image DHT Marker Heap Corruption Opera JPEG processing - Heap corruption vulnerabilities ======================================================= Date..: 8th September 2006 31th October 2006 update 3rd November 2006 update 5th January 2007 public release...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2006/10/31 12:0 a.m.37 views

New Vunerability

and now , 00 TNX str0k jamroom-3.0.19 Class: Remote|Local File Include Vulnerability Remote: Yes Local: No Type: High $it :http://www.jamroom.net/Downloads3Core Author: xw0x Contact: [email protected] Ramadan Bayarma All Musulman Vuln Code =================libchart.php================ requireonce...

1AI score
Exploits0
Rows per page
Query Builder