Lucene search
K

514 matches found

RedHat Linux
RedHat Linux
added 2012/11/20 10:5 p.m.6 views

Mozilla: evalInSanbox location context incorrectly applied (MFSA 2012-93)

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which...

4.3CVSS7.5AI score0.03083EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2012/11/20 9:43 p.m.3 views

Mozilla: evalInSanbox location context incorrectly applied (MFSA 2012-93)

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an incorrect context during the handling of JavaScript code that sets the location.href property, which...

4.3CVSS7.5AI score0.03083EPSS
Exploits1References5
CVE
CVE
added 2012/09/15 5:0 p.m.53 views

CVE-2011-5162

GOM Player 2.1.33.5071 is affected by a stack-based buffer overflow in the ASX ref href handling, allowing user‑assisted remote code execution via a crafted ASX file with a long URI. The issue is described as a regression from CVE-2007-0707. Affected component: parsing of the ASX file’s ref href ...

9.3CVSS8.2AI score0.06846EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2012/08/28 5:55 p.m.20 views

Design/Logic Flaw

The execcommand function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute...

6.8CVSS8AI score0.03179EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2012/08/25 10:29 a.m.4 views

DEBIAN-CVE-2012-3508

Cross-site scripting XSS vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote attackers to inject arbitrary web script or HTML by using "javascript:" in an href attribute in the body of an HTML-formatted email...

4.3CVSS6AI score0.04198EPSS
Exploits0References1
OSV
OSV
added 2012/08/25 10:29 a.m.4 views

UBUNTU-CVE-2012-3508

Cross-site scripting XSS vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote attackers to inject arbitrary web script or HTML by using "javascript:" in an href attribute in the body of an HTML-formatted email...

4.3CVSS7.4AI score0.04198EPSS
Exploits0References3
OSV
OSV
added 2012/01/24 6:55 p.m.2 views

DEBIAN-CVE-2012-0908

Cross-site scripting XSS vulnerability in logout.php in SimpleSAMLphp 1.8.1 and possibly other versions before 1.8.2 allows remote attackers to inject arbitrary web script or HTML via the linkhref parameter...

4.3CVSS6.1AI score0.01297EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/03/02 1:6 a.m.4 views

javascript: URLs in chrome documents (MFSA 2011-08)

The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remot...

9.3CVSS7.7AI score0.04471EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2010/11/10 7:0 p.m.5 views

Mozilla XSS in gopher parser when parsing hrefs

Multiple cross-site scripting XSS vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a 1 file or 2 directory on a Gopher server...

4.3CVSS7.4AI score0.02064EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/10/04 12:0 a.m.38 views

Web Server Harvested Email Addresses

Nessus harvested HREF mailto: links and extracted email addresses by crawling the remote web server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid49705; scriptversion"1.7"; scriptcvsdate"Date: 2018/05/24 13:59:31"; scriptnameenglish:"Web Server Harvested Email...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/10/04 12:0 a.m.43 views

External URLs

Nessus gathered HREF links to external sites by crawling the remote web server. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid49704; scriptversion"$Revision: 1.3 $"; scriptcvsdate"$Date: 2011/08/19 19:59:18 $"; scriptnameenglish:"External URLs";...

5.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2010/08/19 10:0 p.m.22 views

CVE-2010-2809

The default configuration of the binding in Uzbl before 2010.08.05 does not properly use the @SELECTEDURI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document...

6.8CVSS6.1AI score0.07372EPSS
Exploits0References2
Prion
Prion
added 2010/06/11 6:0 p.m.16 views

Code injection

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...

4.3CVSS6.4AI score0.02058EPSS
Exploits0References21Affected Software1
UbuntuCve
UbuntuCve
added 2010/06/11 6:0 p.m.25 views

CVE-2010-1393

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...

4.3CVSS5.9AI score0.02058EPSS
Exploits0References2
Cvelist
Cvelist
added 2010/06/11 5:28 p.m.20 views

CVE-2010-1393

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...

8.3AI score0.02058EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2010/05/06 7:5 p.m.5 views

dvips -z buffer overflow with long href

Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag...

6.8CVSS6.4AI score0.03953EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/05/06 6:53 p.m.5 views

dvips -z buffer overflow with long href

Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag...

6.8CVSS6.4AI score0.03953EPSS
Exploits1References4
exploitpack
exploitpack
added 2010/03/10 12:0 a.m.19 views

Mini-stream Ripper 3.0.1.1 - .m3u HREF Buffer Overflow

Mini-stream Ripper 3.0.1.1 - .m3u HREF Buffer Overflow !/usr/bin/env python Mini-stream Ripper 3.0.1.1 .m3u Buffer Overflow Code Execution Software Link: http://www.mini-stream.net/downloads/Mini-streamRipper.exe Author: l3D Site: http://xraysecurity.blogspot.com IRC: irc://irc.nix.co.il Email:...

1.1AI score
Exploits0
0day.today
0day.today
added 2010/03/10 12:0 a.m.14 views

Mini-stream Ripper 3.0.1.1 (.m3u) HREF Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ============================================================== Mini-stream Ripper 3.0.1.1 .m3u HREF Buffer Overflow Exploit ============================================================== !/usr/bin/env python Mini-stream Ripper 3.0.1.1 .m3u...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2010/03/10 12:0 a.m.32 views

Mini-stream Ripper 3.0.1.1 - '.m3u' HREF Buffer Overflow

!/usr/bin/env python Mini-stream Ripper 3.0.1.1 .m3u Buffer Overflow Code Execution Software Link: http://www.mini-stream.net/downloads/Mini-streamRipper.exe Author: l3D Site: http://xraysecurity.blogspot.com IRC: irc://irc.nix.co.il Email: [email protected] nops1='\x90'0x2a80 system"calc" -...

7.4AI score
Exploits0
Rows per page
Query Builder