
21 matches found

Tenable Nessus
added 2025/08/07 12:0 a.m., 1 views

Linux Distros Unpatched Vulnerability : CVE-2019-17000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the...

6.1 CVSS, 7.6 AI score, 0.00163 EPSS
Exploits 0, References 2

RedhatCVE
added 2025/05/22 4:35 a.m., 3 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 6 AI score, 0.00163 EPSS
Exploits 0, References 1

OSV
added 2022/02/11 12:0 a.m., 3 views

GHSA-GPGX-WHWH-R297 Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC o...

7.5 CVSS, 7.4 AI score, 0.00432 EPSS
Exploits 0, References 3

ATTACKERKB
added 2022/02/09 11:15 p.m., 4 views

CVE-2022-24668

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. This vulnerability is caused by a logical error after frame parsing but before frame handlin...

7.5 CVSS, 7.2 AI score, 0.00432 EPSS
Exploits 0, References 2, Affected Software 1

CNNVD
added 2022/02/09 12:0 a.m., 1 views

swift-nio-http2 security vulnerability

swift-nio-http2 is a SwiftPM project that can be built and tested very easily. A security vulnerability exists in swift-nio-http2 that stems from the fact that programs using swift-nio-http2 are susceptible to denial-of-service attacks caused by network peers sending ALTSVC or ORIGIN frames...

7.5 CVSS, 7.2 AI score, 0.00432 EPSS
Exploits 0, References 3

OSV
added 2020/01/08 9:15 p.m., 0 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 7 AI score, 0.00163 EPSS
Exploits 0, References 2

NVD
added 2020/01/08 9:15 p.m., 14 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 5.8 AI score, 0.00163 EPSS
Exploits 0, References 2

Prion
added 2020/01/08 9:15 p.m., 13 views

Cross site scripting

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

5.8 CVSS, 5.5 AI score, 0.00163 EPSS
Exploits 0, References 2, Affected Software 1

CVE
added 2020/01/08 8:4 p.m., 148 views

CVE-2019-17000

CVE-2019-17000 affects Firefox versions older than 70. A CSP bypass exists where an object tag with a data: URI did not inherit the parent document’s Content Security Policy in cross-origin frames, potentially allowing inline-script execution in protected documents. Root cause: CSP not correctly ...

6.1 CVSS, 6.3 AI score, 0.00163 EPSS
Exploits 0, References 2, Affected Software 1

AlpineLinux
added 2020/01/08 8:4 p.m., 45 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 6.6 AI score, 0.00163 EPSS
Exploits 0

Debian CVE
added 2020/01/08 8:4 p.m., 26 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 8 AI score, 0.00163 EPSS
Exploits 0

UbuntuCve
added 2019/10/23 12:0 a.m., 17 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 6.9 AI score, 0.00163 EPSS
Exploits 0, References 3

OSV
added 2019/10/23 12:0 a.m., 0 views

UBUNTU-CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1 CVSS, 6.7 AI score, 0.00163 EPSS
Exploits 0, References 4

OpenVAS
added 2018/01/24 12:0 a.m., 35 views

Mozilla Firefox Security Advisories (MFSA2018-02, MFSA2018-03) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10 CVSS, 7.8 AI score, 0.3543 EPSS
Exploits 0, References 1

OpenVAS
added 2018/01/24 12:0 a.m., 44 views

Mozilla Firefox Security Advisories (MFSA2018-02, MFSA2018-03) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10 CVSS, 7.8 AI score, 0.3543 EPSS
Exploits 0, References 1

Hacker One
added 2017/08/27 1:55 a.m., 20 views

WordPress: Wordpress 4.8.1 - Rogue editor leads to RCE. And the risks of same origin frame scripting in general

Background This report is mainly about how a user with the role of editor, expectedly can post unfiltered content but unexpectedly can pwn an administrator with a RCE chain due to same origin frame scripting. Secondarily the report wants to highlight the technique used and the severity of it...

6.2 AI score
Exploits 0

NVD
added 2013/05/10 11:42 a.m., 12 views

CVE-2013-0939

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

5.8 CVSS, 6.1 AI score, 0.00224 EPSS
Exploits 0, References 1

Prion
added 2013/05/10 11:42 a.m., 16 views

Cross site scripting

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

5.8 CVSS, 6.7 AI score, 0.00224 EPSS
Exploits 0, References 1, Affected Software 4

CVE
added 2013/05/10 10:0 a.m., 50 views

CVE-2013-0939

EMC Documentum CVE-2013-0939 affects Webtop, WDK, Taskspace, and Records Manager prior to 6.7 SP2. The issue is a Cross Frame Scripting vulnerability allowing remote attackers to obtain sensitive information via cross-origin frame navigation. Affected products include Webtop, WDK, Taskspace, and ...

5.8 CVSS, 6.3 AI score, 0.00224 EPSS
Exploits 0, References 1, Affected Software 4

Cvelist
added 2013/05/10 10:0 a.m., 11 views

CVE-2013-0939

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

6.1 AI score, 0.00224 EPSS
Exploits 0, References 1