CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-1530

Malware in sbrugna...

4.3CVSS6.1AI score0.007EPSS

Exploits0References7

RedHat Linux•added 2024/09/19 6:28 p.m.•3 views

mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran

The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...

8.8CVSS7.2AI score0.00267EPSS

Exploits0References8

SUSE CVE•added 2024/09/05 3:0 a.m.•1 views

SUSE CVE-2024-8382

Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had...

5.3CVSS6.3AI score0.00267EPSS

Exploits0References13

OSV•added 2024/09/03 1:15 p.m.•1 views

DEBIAN-CVE-2024-8382

8.8CVSS8.3AI score0.00267EPSS

Exploits0References1

OSV•added 2024/09/03 1:15 p.m.•0 views

UBUNTU-CVE-2024-8382

8.8CVSS7.2AI score0.00267EPSS

Exploits0References10

Hacker One•added 2021/01/21 9:57 a.m.•35 views

LY Corporation: Webview address bar spoofing in LINE client for iOS

When navigation to an invalid hostname occurs, the address bar is updated even though the navigation is cancelled. Due to this incorrect timing of updating the address bar and applying URL normalization, it can be recognized as a different hostname from the actual hostname. As a result, attacker...

5CVSS5.2AI score0.00209EPSS

Exploits0

Zero Day Initiative•added 2011/04/12 12:0 a.m.•28 views

RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlay...

9.7CVSS3.9AI score0.05602EPSS

Exploits0References1

NVD•added 2007/10/01 5:17 a.m.•9 views

CVE-2007-5161

Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS...

4.3CVSS6.1AI score0.00674EPSS

Exploits0References9

securityvulns•added 2007/10/01 12:0 a.m.•40 views

feedreader3 has XSS vulnerability

Hello, I have found that feedreader3 has XSS vulnerability in its internal browser. When I post a script into wordpress like scriptalert"XSS"/script, the RSS feed in the internal browser is vulnerable and show an alert box. POC movie here: http://www.hacking.org.il/demos/feedreader3.wmv Guy Mizra...

0.5AI score

Exploits0