Lucene search
+L

747 matches found

OSV
OSV
added 2015/05/08 12:59 a.m.4 views

UBUNTU-CVE-2015-1156

The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, vi...

4.3CVSS7.3AI score0.01625EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2015/05/07 10:49 a.m.39 views

Apple Fixes WebKit Vulnerabilities in Safari Browser

Apple has updated its Safari browser, fixing a handful of exploitable WebKit flaws in various versions of Safari. WebKit is the core layout engine responsible for rendering webpages in the Safari browser. The first bulletin, vulnerabilities uncovered by Apple, resolves multiple memory corruption...

6.8CVSS0.8AI score0.10946EPSS
Exploits2References1
Kaspersky
Kaspersky
added 2015/04/10 12:0 a.m.41 views

KLA10541 Multiple vulnerabilities in Juniper Junos

Multiple serious vulnerabilities have been found in Juniper Junos. Malicious users can exploit these vulnerabilities to gainprivileges, execute arbitrary code orspoof user interface. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via unspecified vectors...

7.2CVSS8.3AI score0.01816EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2015/03/25 12:0 a.m.84 views

KLA10506 Multiple vulnerabilities in Websense products

Multiple serious vulnerabilities have been found in Websense products. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute or inject arbitrary code, spoof user interface and read or write arbitrary files. Below is a complete lis...

10CVSS7.7AI score0.25418EPSS
Exploits6References8
Kaspersky
Kaspersky
added 2015/02/23 12:0 a.m.28 views

KLA10484 Interface spoofing vulnerability in McAfee Agent

An unspecified vulnerability was found in McAfee Agent. By exploiting this vulnerability malicious users conduct clicjacking attack. This vulnerability can be exploited remotely via a specially designed web page. Original advisories McAfee bulletin Related products McAfee-Agent CVE list...

4.3CVSS6.4AI score0.0146EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Microsoft Windows XP Help And Support Center Interface Spoofing Weakness

No description provided by source. source: http://www.securityfocus.com/bid/9685/info A weakness has been alleged in Microsoft Windows XP that could reportedly allow aspects of the Help and Support Center interface to be spoofed via a malicious link. By spoofing this interface, an attacker could...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/06/09 12:0 a.m.70 views

[SECURITY] [DSA 2939-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2939-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 31, 2014 http://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.01954EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/06/02 12:0 a.m.41 views

Debian DSA-2939-1 : chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser. - CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation. - CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling. - CVE-2014-1745...

7.5CVSS7.5AI score0.01954EPSS
Exploits0References18
OpenVAS
OpenVAS
added 2014/05/31 12:0 a.m.40 views

Debian Security Advisory DSA 2939-1 (chromium-browser - security update)

Several vulnerabilities were discovered in the chromium web browser. CVE-2014-1743 cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation. CVE-2014-1744 Aaron Staple discovered an integer overflow issue in audio input handling. CVE-2014-1745 Atte...

7.5CVSS0.6AI score0.01954EPSS
Exploits0References1
OSV
OSV
added 2014/05/31 12:0 a.m.34 views

DSA-2939-1 chromium-browser - security update

Bulletin has no description...

7.5CVSS8.4AI score0.01954EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/05/30 12:0 a.m.33 views

Debian: Security Advisory (DSA-2939-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.7AI score0.01954EPSS
Exploits1References3
Kaspersky
Kaspersky
added 2014/05/06 12:0 a.m.18 views

KLA10014 Multiple SUI vulnerabilities in Opera

Multiple low severity vulnerabilities have been found in Opera versions 21 and earlier. Malicious users can exploit these vulnerabilities to spoof user interface. Vectors related to the address bar can be exploited to fool some users via user interface spoofing. Original advisories Opera blog...

7.5AI score
Exploits0References4
securityvulns
securityvulns
added 2014/03/27 12:0 a.m.84 views

Mozilla Firefox / Thunderbird / Seamonkey / nss multiple security vulnerabilities

Buffer overflows, memory corruptions, information leakage, privilege escalation, protection bypass, unauthorized access, interface spoofing...

9.3CVSS4AI score0.83633EPSS
Exploits27References3
ThreatPost
ThreatPost
added 2013/12/03 4:44 p.m.13 views

$100 Million Worth of Bitcoins Stolen

UPDATE: As if Bitcoin malware and Bitcoin mining malware weren’t enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace. Bicoin’s value has surged in recent weeks, peaking at an astonishing...

7.2AI score
Exploits0References10
Kaspersky
Kaspersky
added 2013/05/22 12:0 a.m.65 views

KLA10076 Multiple vulnerabilities in Apple iTunes

Multiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. Below is a complete list of vulnerabilities 1. Vectors related to browsing the iTunes Store can be...

9.3CVSS8.3AI score0.09155EPSS
Exploits0References3
Prion
Prion
added 2012/03/14 7:55 p.m.18 views

Code injection

Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a craft...

6.4CVSS6.8AI score0.01951EPSS
Exploits0References24Affected Software5
Cvelist
Cvelist
added 2012/03/14 7:0 p.m.22 views

CVE-2012-0460

Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a craft...

9.1AI score0.01951EPSS
Exploits0References24
RedHat Linux
RedHat Linux
added 2012/03/14 7:37 a.m.49 views

Critical: Red Hat Security Advisory: firefox security and bug fix update

Updated firefox packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

9.3CVSS7.6AI score0.06556EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2012/03/14 7:17 a.m.4 views

Mozilla: window.fullScreen writeable by untrusted content (MFSA 2012-18)

Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict write access to the window.fullScreen object, which allows remote attackers to spoof the user interface via a craft...

6.4CVSS7.4AI score0.01951EPSS
Exploits0References4
Cvelist
Cvelist
added 2010/06/22 8:24 p.m.28 views

CVE-2010-1757

WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document...

7.5AI score0.03637EPSS
Exploits0References10
Rows per page
Query Builder