CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the 1 dev.log, 2 lipc.set, 3 lipc.get, or 4 todo.scheduleItems method, a different...

10CVSS6.7AI score0.02901EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 5:59 a.m.•3 views

SUSE CVE-2010-1423

Argument injection vulnerability in the URI handler in a Java NPAPI plugin and b Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the 1 -J or 2 -XXaltjvm argument to javaws.exe...

9.3CVSS8.4AI score0.68947EPSS

Exploits2References3

SUSE CVE•added 2023/02/15 5:38 a.m.•2 views

SUSE CVE-2013-2868

common/extensions/synchelper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors...

5CVSS6.4AI score0.00384EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 4:12 a.m.•1 views

SUSE CVE-2019-11712

POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...

8.8CVSS8.4AI score0.00285EPSS

Exploits2References24

Ivanti•added 2023/02/14 7:22 a.m.•10 views

SA44426 - 2020-04: Out-of-Cycle Advisory: Multiple Host Checker Vulnerabilities

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about the Host Checker policy enforcement vulnerabilities highlighted in CVE-2020-11580, CVE-2020-11581, and CVE-2020-11582. These vulnerabilities...

9.3CVSS8.6AI score0.39323EPSS

Exploits3

OpenVAS•added 2022/01/28 12:0 a.m.•21 views

Mageia: Security Advisory (MGASA-2019-0211)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.18406EPSS

Exploits5References5

OpenVAS•added 2021/06/09 12:0 a.m.•25 views

SUSE: Security Advisory (SUSE-SU-2021:1430-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.014EPSS

Exploits0References4

Tenable Nessus•added 2021/05/05 12:0 a.m.•69 views

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:1499-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.32.0 bsc1184155 : - Fix the authentication request port when URL omits the port. - Fix iframe scrolling when main frame is scrolled in async - scrolling mode. - Stop using gmemdup. - Show a warning message when overridin...

9.8CVSS7.4AI score0.014EPSS

Exploits0References24

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by