Lucene search
K

235 matches found

Mageia
Mageia
added 2019/04/05 6:12 p.m.50 views

Updated firefox packages fix security vulnerability

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow CVE-2019-9810. Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and...

8.8CVSS2.8AI score0.29514EPSS
Exploits13References3
RedHat Linux
RedHat Linux
added 2019/03/28 2:52 p.m.6 views

Mozilla: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS7.4AI score0.07387EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2019/03/28 2:52 p.m.7 views

Mozilla: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS7.4AI score0.07387EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.26 views

Oracle Linux 6 : firefox (ELSA-2019-0672)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-0672 advisory. 60.6.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.1-1 - Update to 60.6.1 ESR Build 1...

8.8CVSS8.7AI score0.29514EPSS
Exploits13References3
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.26 views

Scientific Linux Security Update : firefox on SL7.x x86_64 (20190327)

This update upgrades Firefox to version 60.6.1 ESR. Security Fixes : - Mozilla: IonMonkey MArraySlice has incorrect alias information CVE-2019-9810 - Mozilla: Ionmonkey type confusion with proto mutations CVE-2019-9813 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...

8.8CVSS8.5AI score0.29514EPSS
Exploits13References3
RedHat Linux
RedHat Linux
added 2019/03/27 9:49 a.m.9 views

Mozilla: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS7.4AI score0.07387EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2019/03/27 8:11 a.m.7 views

Mozilla: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS7.4AI score0.07387EPSS
Exploits4References5
OSV
OSV
added 2019/03/25 12:0 a.m.7 views

UBUNTU-CVE-2019-9813

Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

8.8CVSS7.3AI score0.07387EPSS
Exploits4References6
NVD
NVD
added 2019/02/04 9:29 p.m.35 views

CVE-2019-1000011

API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability...

6.5CVSS6.5AI score0.01024EPSS
Exploits0References2
Prion
Prion
added 2019/02/04 9:29 p.m.19 views

Improper access control

API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability...

5.5CVSS6.5AI score0.01024EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2019/02/04 12:0 a.m.38 views

Improper Access Control

API Platform contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized...

6.5CVSS5.3AI score0.01024EPSS
Exploits0References1Affected Software1
n0where
n0where
added 2016/12/13 3:45 a.m.90 views

OSINT Chrome Extension: ThreatPinch Lookup

OSINT Chrome Extension ThreatPinch was designed to enable information security professionals quick reference checks for commonly looked up indicators without having to leave the comfort of their current webpage. Be it, IPv4 addresses, MD5/SHA2 hashes, these indicators are usually copied and paste...

6.5AI score
Exploits0References2
Hacker One
Hacker One
added 2016/09/23 4:48 a.m.32 views

Legal Robot: Near-duplicate accounts allowed with ignored email mutations

A security researcher discovered that near-duplicate accounts like [email protected], [email protected], and [email protected] were all treated as separate accounts, while some email services, like gmail and google apps, treat these as the same account. This issue could lead to excess ema...

2.1AI score
Exploits0
Kitploit
Kitploit
added 2013/10/12 5:25 p.m.16 views

[Mutator v0.2.2.1] Wordlist mutator

This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation - C0rp0r4t10n2012 This software is usefull when applied to a few words, like company name and/o...

7.1AI score
Exploits0References1
seebug.org
seebug.org
added 2013/08/27 12:0 a.m.18 views

Google Caja V8 JavaScript VM未明远程代码执行漏洞

Google Caja是一个旨在制订一个JavaScript语言的子集和最佳编程指导方针,约束JavaScript程序员编写的代码,符合一个更加安全,更加合理的JS代码 Google Caja相关冻结V8 Javascript虚拟机上陈列变异array mutations存在一个未明安全漏洞,允许攻击者利用漏洞执行任意代码 0 Google Caja r5550 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息: http://code.google.com/p/google-caja/wiki/SecurityAdvisory201308013...

7.1AI score
Exploits0
Rows per page
Query Builder