Lucene search
K

52 matches found

Positive Technologies
Positive Technologies
added 2024/12/16 12:0 a.m.3 views

PT-2024-36312 · Unknown · Jesse Overright Social Media Sharing

Name of the Vulnerable Software and Affected Versions: Jesse Overright Social Media Sharing versions n/a through 1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a we...

7.1CVSS6.2AI score0.00206EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/11/20 12:0 a.m.19 views

WordPress wpForo Forum Plugin <= 2.2.5 is vulnerable to Content Injection

Software wpForo Forum Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.2.6 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2023-47869 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e9607ec97842 Credits Jesse McNeil Required privilege...

6.9AI score0.00296EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/03/19 5:30 p.m.37 views

GHSA-65CV-R6X7-79HV Cross site scripting vulnerability in ActionView

There is a possible cross site scripting XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. Impact There is a possible XSS vulnerability in the j and escapejavascript methods in ActionView. These...

4.8CVSS5.7AI score0.01543EPSS
Exploits1References9
Debian
Debian
added 2019/09/11 7:53 p.m.86 views

[SECURITY] [DLA 1916-1] opensc security update

Package : opensc Version : 0.16.0-3+deb8u1 CVE ID : CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420 CVE-2018-16421 CVE-2018-16422 CVE-2018-16423 CVE-2018-16424 CVE-2018-16425 CVE-2018-16426 CVE-2018-16427 CVE-2019-15945 CVE-2019-15946 Debian Bug : 909444...

6.8CVSS7.8AI score0.00692EPSS
Exploits12
ThreatPost
ThreatPost
added 2019/07/09 11:9 p.m.99 views

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Intel has patched a high-severity vulnerability in its processor diagnostic tool, which could allow local attackers to launch several malicious attacks on affected devices, such as escalation of privilege or denial of service. The Intel Processor Diagnostic tool is a free product that allows user...

4.6CVSS8AI score0.00515EPSS
Exploits0References10
Veracode
Veracode
added 2019/05/02 5:51 a.m.34 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

10CVSS7.3AI score0.06058EPSS
Exploits1References22Affected Software1
Veracode
Veracode
added 2019/05/02 5:43 a.m.39 views

Privilege Escalation

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

7.5CVSS9.3AI score0.04229EPSS
Exploits0References25Affected Software2
Veracode
Veracode
added 2019/05/02 5:43 a.m.24 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

7.5CVSS9.3AI score0.04229EPSS
Exploits0References22Affected Software1
Veracode
Veracode
added 2019/05/02 5:39 a.m.48 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

9.3CVSS8.6AI score0.07417EPSS
Exploits0References8Affected Software1
Veracode
Veracode
added 2019/05/02 5:39 a.m.40 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

7.5CVSS8.6AI score0.07417EPSS
Exploits0References21Affected Software2
Veracode
Veracode
added 2019/05/02 4:54 a.m.36 views

Cross-Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

6.5CVSS7.8AI score0.10893EPSS
Exploits5References20Affected Software3
OpenVAS
OpenVAS
added 2019/01/02 12:0 a.m.30 views

Debian: Security Advisory (DLA-1621-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.04589EPSS
Exploits0References3
Cent OS
Cent OS
added 2017/06/21 3:49 p.m.81 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2017:1561 An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

9.8CVSS7.1AI score0.05216EPSS
Exploits11References7
OpenVAS
OpenVAS
added 2017/06/15 12:0 a.m.44 views

RedHat Update for firefox RHSA-2017:1440-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.05216EPSS
Exploits11References2
Tenable Nessus
Tenable Nessus
added 2016/06/28 12:0 a.m.31 views

Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-3017-3)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3017-3 advisory. USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement H...

7.8CVSS7.1AI score0.05676EPSS
Exploits15References9
Tenable Nessus
Tenable Nessus
added 2016/03/09 12:0 a.m.53 views

Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2904-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2904-1 advisory. Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able t...

10CVSS8.4AI score0.05992EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/01/27 4:23 a.m.40 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

10CVSS7.6AI score0.05992EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/11/04 12:10 p.m.37 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.5CVSS7.5AI score0.04229EPSS
Exploits0References10
ThreatPost
ThreatPost
added 2015/08/25 10:1 a.m.12 views

Github Mitigates DDoS Attack

Code repository Github mitigated a distributed denial-of-service attack, restoring services this morning around 9 a.m. Eastern time. According to a Github status log, connectivity problems began today around 5:30 a.m. with Github declaring it was under a DDoS attack an hour later. A request for...

1.1AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/05/12 6:49 p.m.59 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

9.3CVSS7.4AI score0.07417EPSS
Exploits0References7
Rows per page
Query Builder