Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-8469

Malware in sbrugna...

4.3CVSS7.4AI score0.01018EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2023/11/17 12:0 a.m.6 views

The vulnerability of the software tool for processing and managing financial transactions conducted through the SWIFT international messaging system allows a perpetrator to disclose protected information or compromise the accessibility of that information, due to incorrect restrictions on XML links to external objects in the IBM Financial Transaction Manager for SWIFT Services.

The vulnerability of the software tool for processing and managing financial transactions conducted through the SWIFT messaging system is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to disclose protected...

7.5CVSS7.7AI score0.00816EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/07/12 9:15 p.m.17 views

CVE-2022-29619

Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420,430 allows user Administrator to view, edit or modify rights of objects it doesn't own and which would otherwise be restricted...

6.5CVSS0.00685EPSS
Exploits0References2
OSV
OSV
added 2022/05/27 12:1 p.m.8 views

OPENSUSE-SU-2022:0155-1 Security update for libredwg

This update for libredwg fixes the following issues: Update to release 0.12.5 boo1193372 CVE-2021-28237 Restricted accepted DXF objects to all stable and unstable classes, minus MATERIAL, ARCDIMENSION, SUN, PROXY. I.e. most unstable objects do not allow unknown DXF codes anymore. This fixed most...

9.8CVSS9.5AI score0.01363EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Firefox browser, which allows a malicious actor to circumvent window object restrictions

The Mozilla Firefox browser contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original method-implementations of various JavaScript engin...

5CVSS7AI score0.03889EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of the Thunderbird email client, which allows a malicious actor to circumvent window object restrictions

Mozilla Thunderbird’s email client contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original JavaScript method receivers...

5CVSS7AI score0.03889EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to circumvent window object restrictions

Mozilla SeaMonkey software contains a vulnerability related to incompatibility between JavaScript components. Exploiting this vulnerability allows malicious actors to circumvent window object restrictions by utilizing incompatibility in the original method-extractors of various JavaScript engines...

5CVSS7AI score0.03889EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.4 views

The vulnerability of the Firefox ESR browser allows a malicious individual to circumvent window object restrictions.

The Mozilla Firefox ESR browser contains a vulnerability related to incompatibility with JavaScript software components. Exploiting this vulnerability allows malicious actors to bypass window object restrictions by utilizing incompatibility in the original method-extractors of various JavaScript...

5CVSS7AI score0.03889EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2014/12/11 11:59 a.m.18 views

Design/Logic Flaw

The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal...

4.3CVSS7AI score0.01018EPSS
Exploits0References4Affected Software2
UbuntuCve
UbuntuCve
added 2014/12/11 11:59 a.m.39 views

CVE-2014-8632

The structured-clone implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 does not properly interact with XrayWrapper property filtering, which allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal...

4.3CVSS6.6AI score0.01018EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/12/11 11:59 a.m.31 views

CVE-2014-8631

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method...

4.3CVSS6.6AI score0.01623EPSS
Exploits0References3
CVE
CVE
added 2014/12/11 11:0 a.m.60 views

CVE-2014-8632

CVE-2014-8632 affects Mozilla Firefox (before 34.0) and SeaMonkey (before 2.31). The issue is in the structured-clone implementation where interactions with XrayWrapper property filtering do not properly enforce restrictions, allowing a remote attacker to bypass intended DOM object restrictions b...

4.3CVSS9.2AI score0.01018EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2014/12/11 11:0 a.m.30 views

CVE-2014-8631

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 supports native-interface passing, which allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method...

9.2AI score0.01623EPSS
Exploits0References4
CVE
CVE
added 2014/12/11 11:0 a.m.68 views

CVE-2014-8631

CVE-2014-8631 affects Firefox (before 34.0) and SeaMonkey (before 2.31) where the Chrome Object Wrapper (COW) allows native-interface passing, potentially bypassing DOM object restrictions via an unspecified method. This remote vulnerability could be exploited without user interaction; exploitati...

4.3CVSS9AI score0.01623EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2013/01/17 9:0 p.m.95 views

CVE-2013-0172

Samba 4.0.x vulnerable before 4.0.1 due to improper interpretation of objectClass-based Access Control Entries, allowing remote authenticated users to bypass restrictions on modifying LDAP directory objects via (1) objectClass access by a user, (2) objectClass access by a group, or (3) write acce...

3.5CVSS6.2AI score0.02426EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder