Lucene search
+L

11 matches found

Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.19 views

PT-2026-39305

Name of the Vulnerable Software and Affected Versions eml parser version 3.0.0 Description A recursion denial of service exists in the get raw body text function within eml parser/parser.py. The function recurses unconditionally for every nested message/rfc822 attachment without a depth limit. An...

6.3CVSS5.8AI score0.00395EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.5 views

messageformat 安全漏洞

messageformat is a messageformat open source ICU message format and Unicode message format library for Javascript. A security vulnerability exists in messageformat versions prior to 3.0.1, which stems from insufficient validation of nested message keys and could lead to a prototype pollution atta...

5.3CVSS6.3AI score0.0032EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/06/10 4:52 p.m.5 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

8.1CVSS7.5AI score0.00378EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:7 a.m.4 views

SUSE CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

8.8CVSS8.8AI score0.01334EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2016/09/02 12:0 a.m.23 views

Google Chrome < 52.0.2743.116 Multiple Vulnerabilities

Binary data 9490.pasl...

7.5CVSS7.3AI score0.01477EPSS
Exploits0References2
CNVD
CNVD
added 2016/03/08 12:0 a.m.5 views

Google Chrome Pepper plugin same-origin policy bypass vulnerability

Google Chrome is a web browser developed by Google, and Pepper is a player plug-in for playing Flash videos. Versions of the Pepper plugin prior to Google Chrome 49.0.2623.75 have the file content/renderer/pepper/ppbflashmessageloopimpl.cc in the file 'PPBFlashMessageLoop A security vulnerability...

8.8CVSS8.9AI score0.01334EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2016/03/08 12:0 a.m.31 views

Google Chrome Multiple Vulnerabilities (Mar 2016) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

10CVSS7.2AI score0.02451EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2016/03/07 3:22 a.m.8 views

chromium-browser: same-origin bypass in Pepper Plugin

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

8.8CVSS7.4AI score0.01334EPSS
Exploits2References5
OSV
OSV
added 2016/03/06 2:59 a.m.3 views

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

8.8CVSS7.3AI score
Exploits0References12
UbuntuCve
UbuntuCve
added 2016/03/05 12:0 a.m.28 views

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

8.8CVSS7.2AI score0.01334EPSS
Exploits2References3
OSV
OSV
added 2016/03/05 12:0 a.m.3 views

UBUNTU-CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

8.8CVSS7.3AI score0.01334EPSS
Exploits2References4
Rows per page
Query Builder