Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-19164

Malware in sbrugna...

7.5CVSS8.4AI score0.01127EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 a.m.7 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.5CVSS6AI score0.01127EPSS
Exploits0References1
Veracode
Veracode
added 2020/09/21 6:37 a.m.27 views

Information Disclosure

firefox is vulnerable to information disclosure. The vulnerabiltiy exists as a compromised Sandbox content process can initiate an FTP download which will then use a child process to render the downloaded data. This allows it to be passed to the Chrome process with an arbitrary file length suppli...

7.5CVSS2.6AI score0.01127EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2019/04/26 5:29 p.m.5 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.5CVSS7.3AI score0.01127EPSS
Exploits0References2
NVD
NVD
added 2019/04/26 5:29 p.m.13 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.5CVSS7AI score0.01127EPSS
Exploits0References2
Prion
Prion
added 2019/04/26 5:29 p.m.18 views

Code injection

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

5CVSS7.6AI score0.01127EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/04/26 4:13 p.m.26 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.8AI score0.01127EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/04/26 4:13 p.m.32 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.5CVSS8.7AI score0.01127EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/03/20 12:0 a.m.25 views

CVE-2019-9802

If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and all...

7.5CVSS7.1AI score0.01127EPSS
Exploits0References4
Mozilla
Mozilla
added 2019/03/19 12:0 a.m.169 views

Security vulnerabilities fixed in Firefox 66 — Mozilla

A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. The type inference system allows the compilation of functions that can cause typ...

9.8CVSS0.19762EPSS
Exploits11References24Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability

No description provided by source. ====================================================================== Bradabra == v2.0.5 Remote File Include Vulnerability ====================================================================== Downlaoad Script :ftp://ftp1.comscripts.com/PHP/773bradabra-205.gz...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Uploader & Downloader 3.0 (id_user) Remote SQL Injection Vulnerability

No description provided by source. uploader&downloader v3 Remote SQL Injection Vulnerability Download: ftp://ftp1.comscripts.com/PHP/1892uploader-30.zip Found By: the master exploit:...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/06/25 12:0 a.m.46 views

FtpLocate 2.02 Cross Site Scripting Vulnerability

FtpLocate version 2.02 suffers from a persistent cross site scripting vulnerability. Exploit Title: FtpLocate 2.02 Persistent XSS Date: 2013/6/23 Exploit Author: Chako Firmware Version: 2.02 Tested on: Windows 7 Vendor Homepage: http://turtle.ee.ncku.edu.tw/ftplocate/readme.english.html...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/10 5:31 p.m.7 views

BackTrack 5 Released - Direct FTP Download Now !

BackTrack 5 Released – Penetration Testing Distribution, Download Now ! Download : Direct Links from FTP :...

7AI score
Exploits0
seebug.org
seebug.org
added 2009/11/27 12:0 a.m.209 views

ISC BIND 9 DNSSEC查询响应远程缓存中毒漏洞

BUGTRAQ ID: 37118 CVECAN ID: CVE-2009-4022 BIND是一个应用非常广泛的DNS协议的实现,由ISC负责维护,具体的开发由Nominum公司完成。 启用了DNSSEC验证的名称服务器在解析递归客户端查询期间可能错误的从所接收到响应的附加部分向其缓存添加记录,这是一种缓存中毒的情况。...

2.6CVSS0.4AI score0.07952EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/06/22 12:0 a.m.10 views

FTP File Download Detection

Binary data 7006.pasl...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2008/12/26 12:0 a.m.30 views

Citrix Broadcast Server login.asp页面SQL注入漏洞

BUGTRAQ ID: 32832 Citrix Broadcast Server是Citrix应用网关中的一个组件,能够以文本、图形和音频信息方式向IP电话交付诸如紧急情况、IT和天气报警等高优先级消息。 Citrix Broadcast Server的管理登录页面存在SQL注入漏洞,远程攻击者可以通过带有txtUID HTTP POST参数的恶意请求来利用这个漏洞非授权访问Web接口或从数据库获得数据。 Citrix Broadcast Server 6.0 厂商补丁: Citrix ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2008/12/16 12:0 a.m.13 views

Realtek Sound Manager (rtlrack.exe 1.15.0.0) - Playlist Buffer Overflow

Realtek Sound Manager rtlrack.exe 1.15.0.0 - Playlist Buffer Overflow usage: exploit.py print "--------------------------------------------------------------------------" print " Realtek Sound Manager rtlrack.exe v. 1.15.0.0 PlayList Buffer Overflow\n" print " url: http://www.realtek.com.tw/\n"...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/16 12:0 a.m.34 views

Realtek Sound Manager (rtlrack.exe 1.15.0.0) - Playlist Buffer Overflow

usage: exploit.py print "--------------------------------------------------------------------------" print " Realtek Sound Manager rtlrack.exe v. 1.15.0.0 PlayList Buffer Overflow\n" print " url: http://www.realtek.com.tw/\n" print " download: ftp://152.104.238.19/pc/audio/APA406.exe" print "...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/01/26 12:0 a.m.40 views

IBM AIX逻辑卷标管理器多个命令本地缓冲区溢出漏洞

BUGTRAQ ID: 27431 IBM AIX是一款商业性质的UNIX操作系统。 AIX的逻辑卷标管理命令工具集实现上存在缓冲区溢出漏洞,本地攻击者可能利用此漏洞提升自己的权限。 AIX的逻辑卷标管理器提供了一套用于管理逻辑卷标的工具。逻辑卷标管理器的bos.rte.lvm和bos.clvm.enh命令中存在缓冲区溢出漏洞。如果本地攻击者执行了以下bos.rte.lvm命令: /usr/sbin/lchangevg /usr/sbin/ldeletepv /usr/sbin/putlvodm /usr/sbin/lvaryoffvg /usr/sbin/lvgenminor...

6.9AI score
Exploits0
Rows per page
Query Builder