Lucene search
K

5 matches found

CVE
CVE
added 2026/06/15 2:0 a.m.25 views

CVE-2026-12208

CVE-2026-12208 affects the jsonata-js package (up to 2.2.0) in the Function Binding Frame System. The vulnerability is in the function createFrame (src/jsonata.js) where an attacker can perform a prototype pollution attack by manipulating object prototype attributes. This can be triggered remotel...

6.9CVSS5.6AI score0.00314EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2019/10/28 12:0 a.m.168 views

WebKit - Universal XSS in HTMLFrameElementBase::isURLAllowed

VULNERABILITY DETAILS HTMLFrameElementBase.cpp: bool HTMLFrameElementBase::isURLAllowed const if mURL.isEmpty // 4 return true; return isURLAlloweddocument.completeURLmURL; bool HTMLFrameElementBase::isURLAllowedconst URL& completeURL const if document.page && document.page-subframeCount =...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/11/17 3:14 p.m.6 views

Firefox race condition flaw (MFSA 2010-73)

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

9.8CVSS7.8AI score0.83279EPSS
Exploits14References5
RedHat Linux
RedHat Linux
added 2010/10/27 11:22 p.m.5 views

Firefox race condition flaw (MFSA 2010-73)

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

9.8CVSS7.8AI score0.83279EPSS
Exploits14References5
RedHat Linux
RedHat Linux
added 2010/10/27 11:20 p.m.6 views

Firefox race condition flaw (MFSA 2010-73)

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

9.8CVSS7.8AI score0.83279EPSS
Exploits14References5
Rows per page
Query Builder