Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-38503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the...

10CVSS8.2AI score0.0383EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/12/05 2:7 p.m.2 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
OSV
OSV
added 2023/07/11 6:15 p.m.5 views

DEBIAN-CVE-2023-37271

RestrictedPython is a tool that helps to define a subset of the Python language which allows users to provide a program input into a trusted environment. RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generat...

9.9CVSS9AI score0.00768EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/09/30 6:42 a.m.5 views

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

6.5CVSS7.4AI score0.01142EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:49 a.m.6 views

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

6.5CVSS7.4AI score0.01142EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:33 a.m.4 views

Mozilla: X-Frame-Options bypass using object or embed tags

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird 78 and Firefox 78.0.2...

6.5CVSS7.4AI score0.01142EPSS
Exploits0References5
OSV
OSV
added 2014/05/22 7:55 p.m.5 views

UBUNTU-CVE-2014-1346

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL...

5CVSS7.3AI score0.01881EPSS
Exploits0References4
Rows per page
Query Builder