Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2005-4600

Malware in sbrugna...

2.1CVSS6AI score0.01047EPSS
Exploits5References27
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-43120

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00379EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/16 12:0 a.m.5 views

CVE-2022-48306 Gotham Chat IRC help does not validate hostnames in TLS certificates

Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept...

5.7CVSS6.6AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2022/11/09 9:15 p.m.4 views

CVE-2022-44562

The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation...

9.8CVSS5.8AI score0.00571EPSS
Exploits0References2
Snyk
Snyk
added 2020/11/24 4:51 p.m.1 views

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF. CSRF protection can be bypassed by forging a request that contains the same value for both the X-XSRF-TOKEN header and the XSRF-TOKEN cookie value, as the check in randomTokenCsrfProtection only checks...

8.8CVSS6.8AI score0.00524EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/05/22 12:0 a.m.61 views

Mozilla Firefox Security Advisories (MFSA2019-12, MFSA2019-14) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS8.4AI score0.09393EPSS
Exploits6References1
BDU FSTEC
BDU FSTEC
added 2016/02/24 12:0 a.m.4 views

The vulnerability of Google Chrome’s browser allows a hacker to determine which website was visited using an HSTS connection.

The vulnerability of the CSPSource::schemeMatches function in the WebKit/Source/core/frame/csp/CSPSource.cpp file of the Content Security Policy implementation in the Blink component of the Google Chrome browser is related to the lack of application of http policies for https addresses and ws...

4.3CVSS6.6AI score0.01271EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2012/05/09 12:55 a.m.21 views

Memory corruption

Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted RTF data, aka "RTF Mismatch Vulnerability."...

9.3CVSS8.2AI score0.24412EPSS
Exploits4References7Affected Software2
Prion
Prion
added 2011/01/14 5:0 p.m.15 views

Code injection

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service incorrect memory access or possibly have unspecified other impact via unknown vectors...

10CVSS7.7AI score0.02616EPSS
Exploits1References8Affected Software2
Rows per page
Query Builder