Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.10 views

Siemens Teamcenter PDF.js Arbitrary Code Execution (SSA-827383)

The version of Siemens Teamcenter installed on the remote host is affected by a vulnerability: - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. CVE-2024-4367 Note that Nessus has not tested for this issue but has...

8.8CVSS7.6AI score0.72648EPSS
Exploits15References2
RedHat Linux
RedHat Linux
added 2024/10/09 12:6 p.m.3 views

firefox: thunderbird: Cross-origin access to PDF contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...

7.5CVSS7.5AI score0.00394EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/10/09 11:43 a.m.3 views

firefox: thunderbird: Cross-origin access to PDF contents through multipart responses

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This...

7.5CVSS7.5AI score0.00394EPSS
Exploits0References8
OSV
OSV
added 2024/10/03 12:0 a.m.5 views

UBUNTU-CVE-2024-9393

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full...

7.5CVSS7.5AI score0.00394EPSS
Exploits0References12
Amazon
Amazon
added 2024/06/11 12:0 a.m.6 views

Important: firefox

Issue Overview: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. CVE-2024-4367 If the browser.privatebrowsing.autostart preference is...

8.8CVSS9.8AI score0.72648EPSS
Exploits18
RedHat Linux
RedHat Linux
added 2024/06/10 7:47 p.m.8 views

Mozilla: Arbitrary JavaScript execution in PDF.js

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...

8.8CVSS7.5AI score0.72648EPSS
Exploits15References6
RedHat Linux
RedHat Linux
added 2024/05/16 6:20 p.m.23 views

Mozilla: Arbitrary JavaScript execution in PDF.js

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...

8.8CVSS7.5AI score0.72648EPSS
Exploits15References6
OSV
OSV
added 2021/12/06 4:15 p.m.3 views

CVE-2021-24759

The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00604EPSS
Exploits2References1
Talos Blog
Talos Blog
added 2017/05/12 9:40 a.m.14 views

Threat Round-up for May 05 - May 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 05 and May 12. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior characteristics,...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/07/05 12:0 a.m.35 views

Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

Binary data 800967.prm...

9.3CVSS7.8AI score0.02123EPSS
Exploits1References24
Rows per page
Query Builder