Lucene search
K

5260 matches found

OSV
OSV
added 2009/05/06 5:30 p.m.3 views

CVE-2009-1572

The BGP daemon bgpd in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service crash via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error...

6.3AI score
Exploits0References19
Prion
Prion
added 2009/04/02 5:30 p.m.18 views

Code injection

Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service application crash via an XML document containing many nested A elements...

4.3CVSS6.8AI score0.04446EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2009/03/24 12:1 p.m.3 views

Firefox XUL Linked Clones Double Free Vulnerability

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

10CVSS7.8AI score0.04709EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.42 views

Mozilla Seamonkey Multiple Vulnerabilities (Mar 2009) - Windows

Mozilla Seamonkey browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.05789EPSS
Exploits1References6
Prion
Prion
added 2009/03/05 2:30 a.m.20 views

Double free

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

10CVSS8.1AI score0.04709EPSS
Exploits0References27Affected Software3
NVD
NVD
added 2009/03/05 2:30 a.m.15 views

CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

10CVSS7.5AI score0.04709EPSS
Exploits0References27
Cvelist
Cvelist
added 2009/03/05 2:0 a.m.21 views

CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

9.8AI score0.04709EPSS
Exploits0References27
CVE
CVE
added 2009/03/05 2:0 a.m.138 views

CVE-2009-0775

CVE-2009-0775 is a Mozilla Firefox/Thunderbird/SeaMonkey vulnerability described in the MiracleLinux AXSA advisory as a Double free in cloned XUL DOM elements linked as parent/child that are mishandled during garbage collection. A remote attacker could potentially execute arbitrary code by crafti...

10CVSS9.7AI score0.04709EPSS
Exploits0References27Affected Software3
RedHat Linux
RedHat Linux
added 2009/03/05 12:10 a.m.7 views

Firefox 3 crashes in the JavaScript engine

The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pas...

10CVSS7.8AI score0.05789EPSS
Exploits1References4
Mozilla
Mozilla
added 2009/03/04 12:0 a.m.30 views

Mozilla Firefox XUL Linked Clones Double Free Vulnerability — Mozilla

An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla's garbage collection process. The vulnerability was caused by improper memory management of a set of cloned XUL DOM elements which were linked as a parent and child. After reloading the...

10CVSS2.4AI score0.04709EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2009/03/04 12:0 a.m.24 views

CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

10CVSS7.4AI score0.04709EPSS
Exploits0References2
Cvelist
Cvelist
added 2008/12/19 5:0 p.m.18 views

CVE-2008-0971

Multiple cross-site scripting XSS vulnerabilities in index.cgi in Barracuda Spam Firewall BSF before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or...

5.7AI score0.01504EPSS
Exploits1References7
Mozilla
Mozilla
added 2008/12/16 12:0 a.m.24 views

User tracking via XUL persist attribute — Mozilla

Security researcher Hish reported that the persist attribute in XUL elements can be used to store cookie-like information on a user's computer which could later be read by a website. This creates a privacy issue for users who have a non-standard cookie preference and wish to prevent sites from...

5CVSS2.2AI score0.02295EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2008/11/25 11:30 p.m.32 views

Memory corruption

Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted HTML document...

9.3CVSS7.8AI score0.0585EPSS
Exploits0References13Affected Software1
UbuntuCve
UbuntuCve
added 2008/10/14 9:10 p.m.12 views

CVE-2008-4555

Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitrary code via a DOT file with a large number of Agrapht...

8.5CVSS6.4AI score0.05061EPSS
Exploits1References1
Prion
Prion
added 2008/10/14 9:10 p.m.11 views

Stack overflow

Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitrary code via a DOT file with a large number of Agrapht...

8.5CVSS8.3AI score0.05061EPSS
Exploits1References10Affected Software1
OpenVAS
OpenVAS
added 2008/10/06 12:0 a.m.43 views

Mozilla Firefox Multiple Vulnerability July-08 (Windows)

The host is installed with Mozilla Firefox browser, that is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnjuly08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Mozilla Firefox Multiple Vulnerability July-08 Windows Authors: Chandan S Copyright: Copyright c 2008...

10CVSS0.4AI score0.13949EPSS
Exploits2References13
UbuntuCve
UbuntuCve
added 2008/08/27 3:21 p.m.26 views

CVE-2008-3743

Multiple cross-site request forgery CSRF vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for 1 cached forms and 2 forms with AHAH elements...

5.8CVSS5.9AI score0.00837EPSS
Exploits0References1
NVD
NVD
added 2008/08/27 3:21 p.m.20 views

CVE-2008-3743

Multiple cross-site request forgery CSRF vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for 1 cached forms and 2 forms with AHAH elements...

5.8CVSS7AI score0.00837EPSS
Exploits0References9
Prion
Prion
added 2008/08/27 3:21 p.m.11 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for 1 cached forms and 2 forms with AHAH elements...

5.8CVSS7.2AI score0.00837EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder