Lucene search
+L

100 matches found

CNVD
CNVD
added 2019/07/10 12:0 a.m.6 views

Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2019-39014)

Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...

7.6CVSS7AI score0.07794EPSS
Exploits0References1
OSV
OSV
added 2017/10/27 5:29 a.m.5 views

CVE-2017-5121

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase...

8.8CVSS7.6AI score0.05288EPSS
Exploits0References8
OSV
OSV
added 2017/10/27 5:29 a.m.5 views

UBUNTU-CVE-2017-5122

Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page...

8.8CVSS7.3AI score0.01331EPSS
Exploits0References3
CNVD
CNVD
added 2017/08/09 12:0 a.m.9 views

Microsoft Edge Information Disclosure Vulnerability (CNVD-2017-23791)

Microsoft Windows 10 is a set of next-generation cross-platform operating systems released by Microsoft Corporation in the U.S. It is available for PCs and laptops, tablets, and cell phones, among other devices.Microsoft Edge is one of the default browsers that comes with the system. An informati...

4.3CVSS4.4AI score0.06002EPSS
Exploits2References1
OSV
OSV
added 2017/07/11 3:29 a.m.5 views

DEBIAN-CVE-2017-11164

In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...

7.5CVSS6.9AI score0.03102EPSS
Exploits0References1
OSV
OSV
added 2017/03/10 12:0 a.m.8 views

UBUNTU-CVE-2017-5040

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page...

4.3CVSS6.7AI score0.2224EPSS
Exploits0References4
OSV
OSV
added 2017/02/16 11:59 a.m.6 views

DEBIAN-CVE-2017-6004

The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular expression...

7.5CVSS7.5AI score0.04546EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/02/02 12:0 a.m.7 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the V8 component in Google Chrome browsers arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure through a specially created HTML page...

6.8CVSS7.8AI score0.01561EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/01/26 12:0 a.m.6 views

The vulnerability of Google Chrome browser allows a perpetrator to gain access to protected information.

The vulnerability of the V8 component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information through a specially created HTML page...

6.8CVSS7AI score0.00976EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.14 views

pcre: heap buffer over-read in pcre_compile2() (8.37/23)

The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...

5.5CVSS7AI score0.01592EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2015/10/29 12:0 a.m.6 views

The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions.

The vulnerability of the Google V8 browser component in Google Chrome is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent existing access restrictions remotely...

7.5CVSS7.7AI score0.01757EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2013/11/18 2:39 p.m.9 views

MGASA-2013-0326 Updated thunderbird package fixes security vulnerabilities

Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2013-5590, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602...

10CVSS9.2AI score0.06493EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2011/08/18 6:55 p.m.1 views

CVE-2011-2982

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute...

10CVSS6.3AI score0.05263EPSS
Exploits1References19
RedHat Linux
RedHat Linux
added 2011/04/29 2:57 a.m.6 views

Mozilla crash from several marquee elements (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

10CVSS7.8AI score0.05259EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/04/16 3:38 p.m.4 views

security flaw

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...

7.5CVSS7.2AI score0.18162EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/03/14 5:2 a.m.5 views

security flaw

Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service crash and potentially execute arbitrary code via certain vectors...

3.7CVSS7.8AI score0.0114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/12/19 9:1 p.m.13 views

security flaw

Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via...

6.8CVSS6.2AI score0.04292EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2003/03/20 12:0 a.m.47 views

MS03-008: Flaw in Windows Script Engine (814078)

The remote host is vulnerable to a flaw in the Windows Script Engine, that provides Windows with the ability to execute script code. To exploit this flaw, an attacker would need to lure one user on this host to visit a rogue website or to send a user an HTML email with a malicious code in it. C...

7.5CVSS5.8AI score0.23773EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/07/10 12:0 a.m.32 views

iPlanet Remote File Viewing

Sun iPlanet Web Server Remote File Viewing Vulnerability Vendor: Sun Microsystems Product: iPlanet Web Server 6.0 SP2 iPlanet Web Server 4.1 SP9 Netscape Enterprise Server 3.6 Platforms: Windows 2000 Windows NT Other platforms not tested Category: Information Leak Author: [email protected]...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2000/10/24 12:0 a.m.24 views

iis.asp.txt

NtWaK0 Bug / Security / Advisory Saturday, October 21, 2000 IIS 5 and using ..%c0%af../winnt/system32/cmd.exe?/c+type+c: To Read any ASP source Code of the server o Synopsis Based on http://www.wiretrip.net/rfp/p/doc.asp?id=57&iface=2 I done some research and found that that ..%c0%af.. can be use...

7.4AI score
Exploits0
Rows per page
Query Builder