Lucene search
K

33 matches found

OpenVAS
OpenVAS
added 2020/05/03 12:0 a.m.43 views

openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2020:0602-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.5AI score0.04987EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/02 12:0 a.m.78 views

Security update for webkit2gtk3 (important)

openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2020:0602-1 Rating: important References: 1165528 1169658 Cross-References: CVE-2020-10018 CVE-2020-11793 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now...

9.8CVSS7.3AI score0.04987EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/04/27 12:0 a.m.36 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:1109-1)

This update for webkit2gtk3 to version 2.28.1 fixes the following issues : Security issues fixed : CVE-2020-10018: Fixed a denial of service because the mdeferredFocusedNodeChange data structure was mishandled bsc1165528. CVE-2020-11793: Fixed a potential arbitrary code execution caused by a...

9.8CVSS7.4AI score0.04987EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/03/25 12:0 a.m.40 views

Fedora 31 : webkit2gtk3 (2020-f25793aac4)

Update to WebKitGTK 2.28.0. - Add API to enable Process Swap on Cross-site Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox...

9.8CVSS6.7AI score0.04987EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.36 views

Fedora 30 : webkit2gtk3 (2020-f3fa778924)

Update to WebKitGTK 2.28.0. - Add API to enable Process Swap on Cross-site Navigation. - Add user messages API for the communication with the web extension. - Add support for same-site cookies. - Service workers are enabled by default. - Add support for Pointer Lock API. - Add flatpak sandbox...

9.8CVSS6.7AI score0.04987EPSS
Exploits0References2
Veracode
Veracode
added 2018/11/20 5:6 a.m.28 views

Cross-Site Request Forgery (CSRF)

Auth0 and Auth0-lock is vulnerable to cross-site request forgery. The vulnerability exists when the Legacy Lock API flag is enabled. This allows an attacker to perform unwanted actions in the context of the user when the victim is tricked into visiting a malicious web page...

8.8CVSS8.3AI score0.00778EPSS
Exploits0References2Affected Software3
Github Security Blog
Github Security Blog
added 2018/11/06 11:15 p.m.32 views

Cross-Site Request Forgery (CSRF) in Auth0

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

8.8CVSS3.2AI score0.00778EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2018/11/06 11:15 p.m.22 views

GHSA-WV26-RJ8C-4R33 Cross-Site Request Forgery (CSRF) in Auth0

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

8.8CVSS8.8AI score0.00778EPSS
Exploits0References4
NVD
NVD
added 2018/04/04 5:29 p.m.12 views

CVE-2018-6874

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

8.8CVSS8.8AI score0.00778EPSS
Exploits0References2
OSV
OSV
added 2018/04/04 5:29 p.m.12 views

CVE-2018-6874

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

8.8CVSS7.4AI score0.00778EPSS
Exploits0References2
Prion
Prion
added 2018/04/04 5:29 p.m.15 views

Cross site request forgery (csrf)

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

6.8CVSS8.8AI score0.00778EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/04/04 5:0 p.m.17 views

CVE-2018-6874

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled...

8.9AI score0.00778EPSS
Exploits0References2
CVE
CVE
added 2018/04/04 5:0 p.m.49 views

CVE-2018-6874

CVE-2018-6874 describes a CSRF flaw in Auth0's authentication service when the Legacy Lock API flag is enabled. The vulnerability allows an attacker to reuse a valid signed JWT to perform actions in the victim’s account if the user visits a malicious page. Documents indicate the issue affected Au...

8.8CVSS8.7AI score0.00778EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder