5125 matches found

Tenable Nessus
added 2023/10/04 12:0 a.m., 15 views

Fedora 38 : ckeditor (2023-79b5902a52)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-79b5902a52 advisory. - 4.22.0/4.22.1 - 4.21.0 - GHSA-vh5c-xwqv-cv9g / CVE-2023-28439 - 4.20.2 - 4.20.1 Tenable has extracted the preceding description block directly from the...

6.1 CVSS, 7 AI score, 0.00725 EPSS
Exploits 0, References 2
Tenable Nessus
added 2023/10/04 12:0 a.m., 18 views

Fedora 37 : ckeditor (2023-983ff03630)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-983ff03630 advisory. - 4.22.0/4.22.1 - 4.21.0 - GHSA-vh5c-xwqv-cv9g / CVE-2023-28439 - 4.20.2 - 4.20.1 Tenable has extracted the preceding description block directly from the...

6.1 CVSS, 7 AI score, 0.00725 EPSS
Exploits 0, References 2
SUSE CVE
added 2023/10/03 2:1 a.m., 3 views

SUSE CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 CVSS, 7.3 AI score, 0.00964 EPSS
Exploits 0, References 11
NVD
added 2023/09/27 3:19 p.m., 17 views

CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 CVSS, 8.7 AI score, 0.00964 EPSS
Exploits 0, References 5
OSV
added 2023/09/27 3:19 p.m., 1 views

DEBIAN-CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 CVSS, 7.2 AI score, 0.00964 EPSS
Exploits 0, References 1
Prion
added 2023/09/27 3:19 p.m., 24 views

Code injection

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

6.8 CVSS, 8.4 AI score, 0.00964 EPSS
Exploits 0, References 4, Affected Software 1
UbuntuCve
added 2023/09/27 3:19 p.m., 29 views

CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 CVSS, 7.6 AI score, 0.00964 EPSS
Exploits 0, References 3
OSV
added 2023/09/27 3:19 p.m., 1 views

UBUNTU-CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 CVSS, 7.6 AI score, 0.00964 EPSS
Exploits 0, References 4
VulnCheck KEV
added 2023/09/27 12:0 a.m., 3 views

VulnCheck KEV: CVE-2021-23957

Navigations through the Android-specific intent URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...

7.4 CVSS, 7.1 AI score, 0.00793 EPSS
Exploits 0, References 1
VulnCheck KEV
added 2023/09/27 12:0 a.m., 4 views

VulnCheck KEV: CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy...

6.5 CVSS, 7.1 AI score, 0.01515 EPSS
Exploits 0, References 1
Tenable Nessus
added 2023/09/27 12:0 a.m., 42 views

Amazon Linux 2 : firefox (ALASFIREFOX-2023-007)

The version of firefox installed on the remote host is prior to 102.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-007 advisory. firefox-esr , thunderbird and nss only are affected by this package. CVE-2023-0767 The Mozilla Foundation Security...

8.8 CVSS, 7.8 AI score, 0.00817 EPSS
Exploits 1, References 30
Vulnrichment
added 2023/09/26 8:14 p.m., 19 views

CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

6.7 AI score, 0.00964 EPSS
Exploits 0, References 4
CVE
added 2023/09/26 8:14 p.m., 121 views

CVE-2023-40451

CVE-2023-40451 affects WebKit/WebKitGTK and related Safari/WebKit components. Affected: iframe sandbox enforcement weakness that could let an attacker with JavaScript execution run arbitrary code. Public writeups confirm the fix in Safari 17; remediation is upgrading to Safari 17 or applying vend...

8.8 CVSS, 8.5 AI score, 0.00964 EPSS
Exploits 0, References 5, Affected Software 1
Cvelist
added 2023/09/26 8:14 p.m., 22 views

CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 AI score, 0.00964 EPSS
Exploits 0, References 4
Debian CVE
added 2023/09/26 8:14 p.m., 33 views

CVE-2023-40451

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code...

8.8 CVSS, 7 AI score, 0.00964 EPSS
Exploits 0
Patchstack
added 2023/09/26 12:0 a.m., 11 views

WordPress iFrame Plugin <= 4.6 is vulnerable to Cross Site Scripting (XSS)

Software iFrame Type Plugin Vulnerable versions = 4.6 Fixed in 4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4919 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2abd6971550b Credits Lana Codes & Alex Thomas - Wordfence...

6.4 CVSS, 6 AI score, 0.00519 EPSS
Exploits 1, References 3, Affected Software 1
Amazon
added 2023/09/25 12:0 a.m., 6 views

Important: firefox

Issue Overview: A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Mozilla developers and the Mozilla Fuzzing Team reporting memory safety bugs in Firefox 102. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort...

8.8 CVSS, 9.9 AI score, 0.00905 EPSS
Exploits 0
Amazon
added 2023/09/25 12:0 a.m., 7 views

Important: firefox

Issue Overview: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough...

9.8 CVSS, 10 AI score, 0.23941 EPSS
Exploits 2
Amazon
added 2023/09/25 12:0 a.m., 5 views

Important: firefox

Issue Overview: The parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child process. This vulnerability affects Thunderbird 91.9. CVE-2022-29913 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describe...

9.8 CVSS, 9.9 AI score, 0.01055 EPSS
Exploits 0
0day.today
added 2023/09/11 12:0 a.m., 373 views

Wordpress Elementor 3.5.5 Plugin - Iframe Injection Vulnerability

Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlled URLs from being...

6.1 CVSS, 6.3 AI score, 0.02027 EPSS
Exploits 5