Lucene search
K

6145 matches found

Tenable Nessus
Tenable Nessus
added 2009/07/22 12:0 a.m.21 views

Firefox < 3.0.12 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.12. Such versions are potentially affected by the following security issues : - Multiple memory corruption vulnerabilities could potentially be exploited to execute arbitrary code. MFSA 2009-34 - It may be possible to crash the browser or...

10CVSS7AI score0.1323EPSS
Exploits4References19
NVD
NVD
added 2009/07/16 4:30 p.m.19 views

CVE-2009-2483

libprop/propobject.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service NULL pointer dereference and kernel panic via a malformed externalized plist XML form containing an undefined element...

4.9CVSS6.1AI score0.00374EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2009/06/25 4:19 p.m.5 views

kdegraphics: KSVG Pointer use-after-free error in the SVG animation element (DoS, ACE)

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service heap corruption and application crash via an SVG animation element, related to SVG set objects, SVG...

9.3CVSS6.3AI score0.06916EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/06/25 3:7 p.m.6 views

Firefox 2 and 3 Layout engine crash

The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree...

5CVSS5.9AI score0.01761EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2009/06/12 9:7 p.m.24 views

CVE-2009-2044

Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service application crash via a URI for a large GIF image in the BACKGROUND attribute of a BODY element...

4.3CVSS8.5AI score0.05887EPSS
Exploits1
NVD
NVD
added 2009/06/10 2:30 p.m.22 views

CVE-2009-1694

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site...

5.8CVSS7.1AI score0.02594EPSS
Exploits1References15
UbuntuCve
UbuntuCve
added 2009/06/10 2:30 p.m.34 views

CVE-2009-1694

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site...

5.8CVSS6AI score0.02594EPSS
Exploits1References1
Prion
Prion
added 2009/06/10 2:30 p.m.15 views

Cross site scripting

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."...

5.8CVSS6.6AI score0.02825EPSS
Exploits2References15Affected Software1
Cvelist
Cvelist
added 2009/06/10 2:0 p.m.33 views

CVE-2009-1693

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."...

7.2AI score0.02825EPSS
Exploits2References15
CVE
CVE
added 2009/06/10 2:0 p.m.71 views

CVE-2009-1694

CVE-2009-1694 affects WebKit in Apple Safari

5.8CVSS6.9AI score0.02594EPSS
Exploits1References15Affected Software1
UbuntuCve
UbuntuCve
added 2009/06/10 12:0 a.m.34 views

CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element...

9.3CVSS6.1AI score0.07746EPSS
Exploits2References3
Zero Day Initiative
Zero Day Initiative
added 2009/06/08 12:0 a.m.33 views

Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the garbage collection of JavaScript set element...

9.3CVSS2AI score0.06916EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/06/04 12:0 a.m.31 views

Mozilla Firefox 'keygen' HTML Tag DOS Vulnerability (Windows)

The host is installed with Mozilla Firefox browser and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbfirefoxkeygendosvulnwin.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox 'keygen' HTML Tag DOS Vulnerability Windows Authors: Antu Sanadi Copyright: Copyrig...

5CVSS9.4AI score0.08779EPSS
Exploits2References3
Prion
Prion
added 2009/05/29 8:30 p.m.28 views

Code injection

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

5CVSS6.7AI score0.08779EPSS
Exploits1References11Affected Software1
UbuntuCve
UbuntuCve
added 2009/05/29 8:30 p.m.34 views

CVE-2009-1828

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

5CVSS5.8AI score0.08779EPSS
Exploits1References1
NVD
NVD
added 2009/05/29 8:30 p.m.51 views

CVE-2009-1828

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

5CVSS6.3AI score0.08779EPSS
Exploits1References11
Cvelist
Cvelist
added 2009/05/29 8:0 p.m.49 views

CVE-2009-1828

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

9.1AI score0.08779EPSS
Exploits1References11
Cvelist
Cvelist
added 2009/05/29 8:0 p.m.31 views

CVE-2009-1827

The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service application hang via a large value in the r aka Radius attribute of a circle element, related to an "unclamped loop."...

6.3AI score0.03938EPSS
Exploits1References9
CVE
CVE
added 2009/05/29 8:0 p.m.80 views

CVE-2009-1828

CVE-2009-1828 : Mozilla Firefox, version 3.0.10, is vulnerable to a remote DoS via a KEYGEN element when combined with (1) a META tag for automatic page refresh or (2) a BODY onLoad event. The description notes that earlier versions may also be affected. The provided documents do not include an e...

5CVSS8.9AI score0.08779EPSS
Exploits1References11Affected Software1
Prion
Prion
added 2009/05/11 3:30 p.m.24 views

Design/Logic Flaw

Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a w...

9.3CVSS7AI score0.01717EPSS
Exploits0References2
Rows per page
Query Builder