Lucene search
K

152 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.3 views

SUSE CVE-2008-0594

Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks...

5CVSS8.6AI score0.01968EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.6 views

SUSE CVE-2010-3772

Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...

9.3CVSS7.8AI score0.04812EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.4 views

SUSE CVE-2014-1539

Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image...

5CVSS8.7AI score0.02151EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:22 a.m.5 views

SUSE CVE-2015-0810

Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element...

4.3CVSS8.6AI score0.01481EPSS
Exploits0References3
OSV
OSV
added 2022/09/16 11:46 p.m.10 views

GSD-2022-1005295 wifi: rtw89: 8852a: rfk: fix div 0 exception

wifi: rtw89: 8852a: rfk: fix div 0 exception This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2022/09/01 12:0 a.m.13 views

Div by 0 can block functions such as updateMovingAverage

Lines of code Vulnerability details Prevent div by 0 Impact On several locations in the code precautions are taken not to divide by 0, because this will revert the code. However on some locations this isn’t done. All this reverts can be caused by state variables assigned to 0 or with length 0, th...

7.1AI score
Exploits0
OSV
OSV
added 2022/07/29 7:15 p.m.3 views

CVE-2022-36378

Authenticated author or higher user role Stored Cross-Site Scripting XSS vulnerability in PluginlySpeaking Floating Div plugin = 3.0 at WordPress...

4.8CVSS5.8AI score0.00463EPSS
Exploits0References2
Prion
Prion
added 2022/07/29 7:15 p.m.17 views

Cross site scripting

Authenticated author or higher user role Stored Cross-Site Scripting XSS vulnerability in PluginlySpeaking Floating Div plugin = 3.0 at WordPress...

4.3CVSS4.8AI score0.00463EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/07/29 6:57 p.m.64 views

CVE-2022-36378

CVE-2022-36378 affects the WordPress Floating Div plugin (

4.8CVSS4.8AI score0.00463EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/07/29 12:0 a.m.3 views

WordPress plugin floating-div 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.8CVSS5.1AI score0.00463EPSS
Exploits0References3
Patchstack
Patchstack
added 2022/07/29 12:0 a.m.24 views

WordPress Floating Div plugin <= 3.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Floating Div plugin versions = 3.0. Solution No patched version available...

4.8CVSS2.8AI score0.00463EPSS
Exploits0Affected Software1
Code423n4
Code423n4
added 2022/06/19 12:0 a.m.11 views

Tokens with decimals larger than 18 are not supported

Lines of code Vulnerability details For tokens with decimals larger than 18, many functions across the codebase will revert due to underflow. function getPriceFromDexaddress tokenAddress public view returns uint256 PriceInfo storage priceInfo = priceRecordstokenAddress; if priceInfo.active uint25...

6.9AI score
Exploits0
OSV
OSV
added 2022/05/24 10:29 p.m.27 views

GHSA-W358-RJ93-R5QV Apache Superset Stored XSS on Dashboard markdown

Apache Superset up to and including 0.38.0 allowed the creation of a Markdown component on a Dashboard page for describing chart's related information. Abusing this functionality, a malicious user could inject javascript code executing unwanted action in the context of the user's browser. The...

5.4CVSS5.3AI score0.86393EPSS
Exploits0References6
Code423n4
Code423n4
added 2022/04/27 12:0 a.m.9 views

If currentMonth in init is 0, then CPI update will revert, zero div

This is a manual upgrade of the sixth item in QA report 86 , per judge @jack-the-pug's assessment of it as a Medium risk issue. If currentMonth in init is 0, then CPI update will revert, zero div --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
OSV
OSV
added 2022/04/15 6:15 p.m.1 views

DEBIAN-CVE-2021-44500

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. A lack of input validation in calls to ebdiv in srport/ebmuldiv.c allows attackers to crash the application by performing a divide by zero...

7.5CVSS7.4AI score0.01642EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/04/15 12:0 a.m.1 views

PT-2022-12147 · Fis +3 · Fis Gt.M +3

Name of the Vulnerable Software and Affected Versions: FIS GT.M versions through V7.0-000 Description: The issue is related to a lack of input validation in calls to eb div in sr port/eb muldiv.c, which allows attackers to crash the application by performing a divide by zero. Recommendations: For...

7.5CVSS7.6AI score0.01642EPSS
Exploits0References29
Code423n4
Code423n4
added 2022/03/24 12:0 a.m.11 views

Mint spread collateral-less and conjuring collateral claims out of thin air with implicit arithmetic rounding and flawed int to uint conversion

Lines of code Vulnerability details Impact This report presents 2 different incorrect behaviour that can affect the correctness of math calculations 1. Unattended Implicit rounding in QuantMath.sol div and mul 2. Inappropriate method of casting integer to unsigned integer in SignedConverter.sol...

6.9AI score
Exploits0
OSV
OSV
added 2022/02/18 11:15 p.m.26 views

UBUNTU-CVE-2017-0371

MediaWiki before 1.23.16, 1.24.x through 1.27.x before 1.27.2, and 1.28.x before 1.28.1 allows remote attackers to discover the IP addresses of Wiki visitors via a style="background-image: attrtitle url;" attack within a DIV element that has an attacker-controlled URL in the title attribute...

7.5CVSS7.1AI score0.01544EPSS
Exploits1References2
Code423n4
Code423n4
added 2021/12/12 12:0 a.m.10 views

createPromotion() Lack of input validation for _epochDuration can potentially freeze promotion creator's funds

Handle WatchPug Vulnerability details function createPromotion address ticket, IERC20 token, uint216 tokensPerEpoch, uint32 startTimestamp, uint32 epochDuration, uint8 numberOfEpochs external override returns uint256 requireTicketticket; uint256 nextPromotionId = latestPromotionId + 1;...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.6 views

kernel: eBPF 32-bit source register truncation on div/mod

A flaw was found in the Linux kernel’s eBPF verification code, where the eBPF 32-bit div/mod source register truncation could lead to out-of-bounds reads and writes. By default, accessing the eBPF verifier is only possible to privileged users with CAPSYSADMIN. This flaw allows a local user who ca...

7.8CVSS7.1AI score0.00282EPSS
Exploits0References6
Rows per page
Query Builder