Lucene search
+L

14 matches found

ThreatPost
ThreatPost
added 2015/11/02 3:10 p.m.38 views

November 2015 Android Security Bulletin

The Stagefright vulnerabilities are the gifts that keep on giving. Months after the potentially devastating security flaws in the mobile OS were publicly disclosed, Google continues to send out patches addressing vulnerabilities related to the initial reports. Today’s monthly Android security...

10CVSS0.6AI score0.02574EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/05/05 12:0 a.m.41 views

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)

Mozilla Thunderbird was updated to the 3.1.10 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain...

10CVSS8.3AI score0.06858EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2011/04/06 12:0 a.m.30 views

Ubuntu Update for tiff vulnerability USN-1102-1

Ubuntu Update for Linux kernel vulnerabilities USN-1102-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11021.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for tiff vulnerability USN-1102-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

6.8CVSS0.7AI score0.06233EPSS
Exploits0References2
securityvulns
securityvulns
added 2011/03/23 12:0 a.m.73 views

ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability

ZDI-11-107: Libtiff ThunderCode Decoder THUNDER2BITDELTAS Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-107 March 21, 2011 -- CVE ID: CVE-2011-1167 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Libtiff -- Affected Products: Libtiff libtiff --...

6.8CVSS0.8AI score0.06233EPSS
Exploits0
ThreatPost
ThreatPost
added 2011/03/01 3:12 p.m.11 views

Google Fixes 19 Bugs in Chrome, Pays $14K in Bug Bounties

Google has released version 9.0.597.107 of its Chrome browser, fixing 19 security vulnerabilities and paying $14,000 in rewards to researchers in the process. The new version of Chrome, which Google released on Monday afternoon, includes fixes for 16 high-severity vulnerabilities and three bugs...

0.2AI score
Exploits0References21
seebug.org
seebug.org
added 2010/06/24 12:0 a.m.38 views

Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability

No description provided by source. -- CVE ID: CVE-2010-1199 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x -- Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User...

9.3CVSS0.1AI score0.11418EPSS
Exploits5
Drupal
Drupal
added 2010/05/19 12:0 a.m.14 views

SA-CONTRIB-2010-057 - Rotor Banner - Cross Site Scripting (XSS)

The Rotor Banner module allows users to upload images which can then be displayed in a block and rotated through using jQuery. However, when these images are displayed, the values for the various image attributes srs, title, alt are not properly sanitized, leading to a cross site scripting XSS...

5.6AI score
Exploits0References6
Drupal
Drupal
added 2010/05/19 12:0 a.m.15 views

SA-CONTRIB-2010-058: Chaos tool suite - Multiple vulnerabilities

The Chaos tool suite ctools is primarily a set of APIs and tools to improve the developer experience. This module was found to have multiple vulnerabilities. Cross site scripting XSS The module did not properly sanitize node titles under certain circumstances, resulting in multiple cross-site...

7.2AI score
Exploits0References8
Drupal
Drupal
added 2010/05/12 12:0 a.m.15 views

SA-CONTRIB-2010-044: Bibliography - Cross Site Scripting

The Bibliography module enables users to manage and display lists of scholarly publications. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability. This is mitigated by the fact that only users with the 'administer...

6.2AI score
Exploits0References7
Drupal
Drupal
added 2010/03/31 12:0 a.m.14 views

SA-CONTRIB-2010-032 - Taxonomy Breadcrumb - Cross Site Scripting (XSS)

The Taxonomy Breadcrumb module generates taxonomy based breadcrumbs on node pages and taxonomy/term pages. This module does not properly sanitize taxonomy term name and, for 6.x, node titles when displayed in breadcrumbs, leading to a Cross Site Scripting XSS vulnerability. XSS vulnerabilities ma...

5.6AI score
Exploits0References7
Drupal
Drupal
added 2010/03/17 12:0 a.m.17 views

SA-CONTRIB-2010-027: Email Input Filter - Arbitrary code execution

Email Input Filter converts email style markup into web friendly format. Arbitrary code execution vulnerability in this module allows a remote attacker with the ability to create content using an input format with the email input filter enabled to execute arbitrary PHP code on an affected system...

8.2AI score
Exploits0References5
Drupal
Drupal
added 2010/03/17 12:0 a.m.15 views

SA-CONTRIB-2010-028 - Tag Order - Cross Site Scripting

Tag Order module allows you to select vocabularies whose terms you would like to preserve in the original order entered per node. Taxonomy vocabulary names are not sanitized when being displayed on an administrative page, leading to a cross-site scripting XSS vulnerability. Such an attack may lea...

6AI score
Exploits0References6
0day.today
0day.today
added 2010/03/07 12:0 a.m.37 views

Drupal 6.15, 5.21 (API function drupal_goto) Open Redirect Vulnerability

Exploit for unknown platform in category web applications =========================================================================== Drupal 6.15, 5.21 API function drupalgoto Open Redirection Vulnerability =========================================================================== Open redirecti...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2010/01/17 12:0 a.m.60 views

XSS Vulnerability in Drupal's Node Blocks contributed module (6.x-1.3 and 5.x-1.1)

XSS Vulnerability in Drupal's Node Blocks contributed module 6.x-1.3 and 5.x-1.1 Discovered by Martin Barbella [email protected] Description of Vulnerability: ----------------------------- Drupal is a free software package that allows an individual or a community of users to easily publish,...

5.5AI score
Exploits0
Rows per page
Query Builder