Lucene search
K

8 matches found

OSV
OSV
added 2026/04/14 1:10 p.m.5 views

JLSEC-2026-100 Deno is vulnerable to race condition via interactive permission prompt spoofing

Impact Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message li...

7.5CVSS7AI score0.00601EPSS
Exploits1References4
OSV
OSV
added 2025/11/12 10:15 a.m.3 views

CVE-2025-64407

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...

5.3CVSS5.7AI score0.00398EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 9:10 a.m.3 views

CVE-2025-64405 Apache OpenOffice: Remote documents loaded without prompt via DDE function

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to...

6.3AI score0.01279EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:9 a.m.5 views

CVE-2024-40835

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, watchOS 10.6. A shortcut may be able to use sensitive data with certain actions without prompting the us...

5.5CVSS5.8AI score0.00311EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.4 views

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from a shortcut command that may be able to use sensitive data for certain operations without prompting the user...

4.6CVSS5.1AI score0.00333EPSS
Exploits0References8
OSV
OSV
added 2023/01/20 4:56 p.m.30 views

GHSA-MC52-JPM2-CQH6 Deno is vulnerable to race condition via interactive permission prompt spoofing

Impact Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message li...

8.8CVSS7.2AI score0.00601EPSS
Exploits1References4
Prion
Prion
added 2023/01/17 9:15 p.m.20 views

Code injection

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...

5.1CVSS7.4AI score0.00601EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1474

CVE-1999-1474 concerns PowerPoint 95 and 97 where opening a document in a browser (e.g., Internet Explorer) could trigger an automatic execution of an application without user prompting. The available sources describe that remote attackers could cause an application to run automatically via the s...

7.5CVSS7.1AI score0.09367EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder