CVE-2013-4610

CVE-2013-4610 affects the Data Search utility in REDCap data-entry forms, specifically REDCap before 5.0.3 and 5.1.x before 5.1.2. The impact is not specified in the sources, and there are no public exploitation details provided in the connected documents. No remediation or fix versions are descr...

CVE-2013-3528

Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."...

CVE-2013-3528

Vanilla Forums prior to 2.0.18.6 is vulnerable to a PHP Object Injection in class.utilitycontroller.php (

CVE-2013-3528

Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."...

CVE-2013-3268

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors...

Design/Logic Flaw

Google Chrome before 26.0.1410.43 does not ensure that an extension has the tabs aka APIPermission::kTab permission before providing a URL to this extension, which has unspecified impact and remote attack vectors...

CVE-2013-0925

CVE-2013-0925 affects Google Chrome (pre-26.0.1410.43). The issue: a Chrome extension can receive a URL without the extension having Tabs (APIPermission::kTab), implying a potential information leakage risk. The linked OpenVAS/NASL entries reiterate multiple Chrome vulnerabilities from Apr 2013 e...

CVE-2013-2268

Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."...

CVE-2013-2268

Removed by vendor...

Input validation

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors...

CVE-2013-0840

Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors...

CVE-2013-0840

Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors...

CVE-2013-0840

Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors...

CVE-2012-5117

Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors...

Design/Logic Flaw

Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors...

CVE-2012-5692

Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board aka IPB or IP.Board 3.1.x through 3.3.x has unknown impact and remote attack vectors...

OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

CVE-2012-5111

Google Chrome before 22.0.1229.92 does not monitor for crashes of Pepper plug-ins, which has unspecified impact and remote attack vectors...

CVE-2012-5111

CVE-2012-5111 affects Google Chrome prior to 22.0.1229.92, where Chrome reportedly does not monitor crashes of Pepper plug-ins, with unspecified impact and remote attack vectors. The connected Gentoo advisory GLSA-201210-07 recommends upgrading to Chromium 22.0.1229.94 or newer (Chromium family),...

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:150-1)

Multiple security issues were identified and fixed in OpenJDK icedtea6 : Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and a security-in-depth iss...