Lucene search
K

72 matches found

Prion
Prion
added 2018/11/17 10:29 p.m.15 views

Cross site scripting

In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element...

3.5CVSS5.2AI score0.00531EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/11/17 10:29 p.m.3 views

CVE-2018-19350

In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element...

5.4CVSS5.8AI score0.00531EPSS
Exploits1References1
seebug.org
seebug.org
added 2017/05/26 12:0 a.m.55 views

WebKit: UXSS through HTMLObjectElement::updateWidget(CVE-2017-2493)

When an object element loads a JavaScript URLe.g., javascript:alert1, it checks whether it violate the Same Origin Policy or not. Here's some snippets of the logic. void HTMLObjectElement::updateWidgetCreatePlugins createPlugins ... String url = this-url; ... if !allowedToLoadFrameURLurl return;...

7.8AI score0.0148EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2015/08/16 11:59 p.m.21 views

CVE-2015-3751

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element...

5CVSS7AI score0.02658EPSS
Exploits0References5
OSV
OSV
added 2015/08/16 11:59 p.m.5 views

UBUNTU-CVE-2015-3751

WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element...

5CVSS7AI score0.02658EPSS
Exploits0References6
Mageia
Mageia
added 2014/08/25 8:44 a.m.47 views

Updated bugzilla packages fix a CSRF vulnerability

Updated bugzilla packages fix security vulnerabilities: Adobe does not properly restrict the SWF file format, which allows remote attackers to conduct cross-site request forgery CSRF attacks against Bugzilla's JSONP endpoint, possibly obtaining sensitive bug information, via a crafted OBJECT...

4.3CVSS6.3AI score0.00542EPSS
Exploits0References2
OSV
OSV
added 2014/08/19 11:16 a.m.9 views

UBUNTU-CVE-2014-5333

Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Compiler before 14.0.0.178 do not properly...

4.3CVSS5.6AI score0.03507EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2014/08/14 11:15 a.m.32 views

CVE-2014-1546

The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain long callback values and does not restrict the initial bytes of a...

4.3CVSS5.9AI score0.00542EPSS
Exploits0References2
OSV
OSV
added 2014/07/09 5:4 a.m.5 views

UBUNTU-CVE-2014-4671

Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 do not properly restrict the SWF file format, which allows...

4.3CVSS7.1AI score0.23024EPSS
Exploits4References3
Prion
Prion
added 2013/12/11 3:55 p.m.26 views

Design/Logic Flaw

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...

4.3CVSS6.9AI score0.02353EPSS
Exploits0References15Affected Software16
UbuntuCve
UbuntuCve
added 2013/12/11 12:0 a.m.29 views

CVE-2013-5614

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site...

4.3CVSS6.9AI score0.02353EPSS
Exploits0References3
exploitpack
exploitpack
added 2013/04/04 12:0 a.m.13 views

Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use-After-Free (PoC)

Google Chrome 26.0.1410.43 Webkit - OBJECT Element Use-After-Free PoC...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2013/04/04 12:0 a.m.51 views

Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use-After-Free (PoC)

---object-beforeload-chrome.html--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- function sprayOnemem, size, v var a = new Uint8ClampedArraysize...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/08/05 12:0 a.m.44 views

Mozilla Firefox 3.6.16 mChannel Use After Free Exploit

require 'msf/core' class Metasploit3 HttpClients::FF, :uaminver = "3.6.16", :uamaxver = "3.6.16", :osname = OperatingSystems::WINDOWS, :javascript = true, :rank = NormalRanking, def initializeinfo = superupdateinfoinfo, 'Name' = 'Mozilla Firefox 3.6.16 mChannel use after free Exploit',...

10CVSS9.7AI score0.73655EPSS
Exploits10
Zero Day Initiative
Zero Day Initiative
added 2011/05/10 12:0 a.m.43 views

Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the OnChannelRedirect method. When an...

9CVSS4.3AI score0.73655EPSS
Exploits10References1
Prion
Prion
added 2010/07/30 1:26 p.m.28 views

Memory corruption

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...

10CVSS8.4AI score0.07585EPSS
Exploits6References3Affected Software1
RedHat Linux
RedHat Linux
added 2010/07/24 12:33 a.m.6 views

Mozilla arbitrary free flaw

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...

10CVSS7.8AI score0.0413EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/07/24 12:12 a.m.4 views

Mozilla arbitrary free flaw

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...

10CVSS7.8AI score0.0413EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/07/24 12:1 a.m.4 views

Mozilla arbitrary free flaw

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...

10CVSS7.8AI score0.0413EPSS
Exploits1References4
NVD
NVD
added 2010/03/15 1:28 p.m.20 views

CVE-2010-0047

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to "HTML object element fallback content."...

9.3CVSS8.6AI score0.0504EPSS
Exploits0References18
Rows per page
Query Builder