Lucene search
+L

42 matches found

Prion
Prion
added 2023/07/05 9:15 p.m.20 views

Format string

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafte...

2.4CVSS5.3AI score0.00368EPSS
Exploits1References2Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.4 views

SUSE CVE-2006-1942

Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into...

5.1CVSS8.6AI score0.02536EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.4 views

SUSE CVE-2010-0054

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving HTML IMG elements...

9.3CVSS7.7AI score0.0605EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.4 views

Zimbra Collaboration Suite 跨站脚本漏洞

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, Calendar, Address Book and more. A cross-site scripting vulnerability exists in Zimbra Collaboration Suite version 9.0.0, which stems from the lack of effective filtering...

6.1CVSS6AI score0.00401EPSS
Exploits0References3
OSV
OSV
added 2021/04/12 9:15 p.m.20 views

CVE-2021-3163

A vulnerability in the HTML editor of Slab Quill 4.8.0 allows an attacker to execute arbitrary JavaScript by storing an XSS payload a crafted onloadstart attribute of an IMG element in a text field. Note: Researchers have claimed that this issue is not within the product itself, but is intended...

6.1CVSS6.6AI score0.01311EPSS
Exploits1References4
Veracode
Veracode
added 2019/05/02 6:45 a.m.17 views

Denial Of Service (DoS)

Firefox is vulnerable to use-after-free vulnerability. This occurs when manipulating the DOM during the resize event of an image element. This could result in a potentially exploitable crash when the freed elements are accessed if these elements have been freed due to lack of strong references...

9.8CVSS9.3AI score0.02711EPSS
Exploits1References13Affected Software2
OSV
OSV
added 2018/09/06 3:22 a.m.28 views

GHSA-VJCJ-5G2R-VXQC Pandao editor.md vulnerable to XSS in IMG attributes

Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element...

6.1CVSS6.3AI score0.00865EPSS
Exploits1References4
OSV
OSV
added 2018/06/11 9:29 p.m.7 views

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

9.8CVSS8.3AI score
Exploits0References11
Prion
Prion
added 2018/06/11 9:29 p.m.19 views

Design/Logic Flaw

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

7.5CVSS9.1AI score0.02711EPSS
Exploits1References11Affected Software10
Debian CVE
Debian CVE
added 2018/06/11 9:0 p.m.20 views

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

9.8CVSS10AI score0.02711EPSS
Exploits1
CVE
CVE
added 2018/06/11 9:0 p.m.186 views

CVE-2017-7802

CVE-2017-7802 is a use-after-free in the DOM during an image element resize event. The vulnerability occurs when freed image elements are accessed due to lack of strong references, potentially causing a crash. Affected products/versions from the provided documents include Thunderbird < 52.3, F...

9.8CVSS8.3AI score0.02711EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.30 views

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

8.5AI score0.02711EPSS
Exploits1References11
CNVD
CNVD
added 2017/09/30 12:0 a.m.5 views

Tiki Cross-Site Request Forgery Vulnerability

Tiki is a free, free, open source web application with rich built-in functionality. A cross-site request forgery vulnerability exists in the IMG element of Tiki, which can be exploited by authenticated users to edit global permissions if an administrator opens a Wiki page with the IMG element...

8CVSS7.7AI score0.00511EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/08/10 12:0 a.m.22 views

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

9.8CVSS7.1AI score0.02711EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2017/08/09 1:53 a.m.21 views

CVE-2017-7802

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...

9.8CVSS2.4AI score0.02711EPSS
Exploits1References2
OSV
OSV
added 2016/08/31 2:59 p.m.7 views

CVE-2016-7119

Cross-site scripting XSS vulnerability in the user-profile biography section in DotNetNuke DNN before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted onclick attribute in an IMG element...

5.4CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2015/08/16 11:59 p.m.10 views

UBUNTU-CVE-2015-3751

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element...

5CVSS7AI score0.02658EPSS
Exploits0References6
Jake Archibald's Blog
Jake Archibald's Blog
added 2013/08/09 3:5 p.m.11 views

Having fun with

Did you know that this works in every browser? Look, here's one: An image You might think it's leaking from SVG, but SVG images don't use src, they use xlink:href. Let's all take a moment to laugh at xlink. Done? Ok… In the first age of the web, some people accidentally typed instead of . Browser...

1.5AI score
Exploits0
OpenVAS
OpenVAS
added 2010/04/06 12:0 a.m.24 views

Microsoft Internet Explorer Unspecified vulnerability

This host is installed with Microsoft Internet Explorer and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbmsieunspecifiedvuln.nasl 5656 2017-03-21 11:03:12Z cfi $ Microsoft Internet Explorer Unspecified vulnerability Authors: Madhuri D Copyright: Copyright c 2010...

9.3CVSS1.2AI score0.14156EPSS
Exploits0References1
NVD
NVD
added 2010/03/29 7:30 p.m.19 views

CVE-2010-1175

Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a "0day Vulnerability."...

9.3CVSS6.5AI score0.14156EPSS
Exploits0References1
Rows per page
Query Builder