Lucene search
K

6681 matches found

Tenable Nessus
Tenable Nessus
added 2017/03/10 12:0 a.m.13 views

Google Chrome < 57.0.2987.98 Multiple Vulnerabilities

Binary data 9991.pasl...

4.3CVSS6.4AI score0.0146EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2017/03/09 12:0 a.m.4 views

The vulnerability of the iOS operating system, which allows attackers to carry out XSS attacks

The vulnerability of the WebKit component of the iOS operating system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform XSS attacks injection of malicious code on the Safari browser remotely...

4.3CVSS6.6AI score0.00721EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2017/03/07 1:23 p.m.44 views

[SECURITY] Fedora 25 Update: mupdf-1.10a-4.fc25

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

9.8CVSS0.6AI score0.068EPSS
Exploits4
Hacker One
Hacker One
added 2017/03/06 2:39 a.m.54 views

Rockstar Games: Control Character Injection In Messages

This report involved the injection of control characters, such as Null Byte 0x00, into vulnerable fields in the Message endpoints in order to cause unexpected, harmful behaviors. Our solution was to both block control characters from being saved on the backend when included in user-input, as well...

2.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/02 12:0 a.m.18 views

MDwiki &lt; 0.6.2 - Cross-Site Scripting

Originally thought that only a problem with Tencent's site implementation, the black brother reminded me to look at the Github address in the source code, only to find the open source MDwiki universal system. MDwiki is a wiki/CMS system built entirely on HTML5/Javascript technology and runs...

7.4AI score
Exploits0
Fedora
Fedora
added 2017/03/01 1:21 a.m.36 views

[SECURITY] Fedora 24 Update: mupdf-1.10a-1.fc24

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

5.5CVSS0.6AI score0.0163EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/03/01 12:0 a.m.55 views

Fedora 25 : webkitgtk4 (2017-0beb752b6e)

This update addresses the following vulnerabilities : - CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2371, CVE-2017-2373 Additional fixes : - Make accelerating compositing mode...

8.8CVSS7.1AI score0.07043EPSS
Exploits21References13
Fedora
Fedora
added 2017/02/24 11:19 p.m.35 views

[SECURITY] Fedora 24 Update: webkitgtk4-2.14.5-1.fc24

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

8.8CVSS1.8AI score0.07043EPSS
Exploits21
Fedora
Fedora
added 2017/02/24 10:51 p.m.28 views

[SECURITY] Fedora 25 Update: webkitgtk4-2.14.5-1.fc25

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

8.8CVSS1.8AI score0.07043EPSS
Exploits21
CNVD
CNVD
added 2017/02/24 12:0 a.m.2 views

Autodesk Backburner Manager 3 Null Pointer Reference Denial of Service Vulnerability

Backburner is network rendering management software. A null pointer reference denial of service vulnerability exists in Autodesk Backburner Manager 3. An attacker can cause a denial of service by sending a large number of invalid parameters resulting in a null pointer reference...

6.8AI score
Exploits0References1
Prion
Prion
added 2017/02/06 5:59 p.m.29 views

Buffer overflow

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...

7.5CVSS7.8AI score0.03987EPSS
Exploits0References6Affected Software4
OSV
OSV
added 2017/02/06 5:59 p.m.2 views

UBUNTU-CVE-2016-7446

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...

9.8CVSS7.4AI score0.03987EPSS
Exploits0References3
OSV
OSV
added 2017/02/06 5:59 p.m.2 views

DEBIAN-CVE-2016-7446

Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...

9.8CVSS7.9AI score0.03987EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2017/02/04 12:0 a.m.27 views

January 10, 2017—KB3210720 (OS Build 10240.17236)

January 10, 2017—KB3210720 OS Build 10240.17236 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed security issues related to Microsoft Edge If you installed earlier updates, only t...

5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2017/02/02 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a perpetrator to gain access to protected information.

The vulnerability of the PDFium component in the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to protected information through a specially created PDF file...

6.8CVSS7.5AI score0.01088EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2017/02/01 8:59 p.m.15 views

Cross site scripting

IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

4.3CVSS6.5AI score0.00713EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/02/01 8:0 p.m.41 views

CVE-2016-8936

The CVE-2016-8936 entry concerns IBM Social Rendering Templates for Digital Data Connector. Available connected sources confirm a Cross-Site Scripting (XSS) vulnerability in the Web UI, which could allow an attacker to embed arbitrary JavaScript and potentially disclose credentials within a trust...

6.1CVSS5.9AI score0.00713EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/01/26 3:59 p.m.3 views

CVE-2016-6908

Characters from languages are such as Arabic, Hebrew are displayed from RTL Right To Left order in Opera 37.0.2192.105088 for Android, due to mishandling of several unicode characters such as U+FE70, U+0622, U+0623 etc and how they are rendered combined with first strong character such as an IP...

6.1CVSS5.8AI score0.00707EPSS
Exploits0References1
Prion
Prion
added 2017/01/26 3:59 p.m.10 views

Design/Logic Flaw

Characters from languages are such as Arabic, Hebrew are displayed from RTL Right To Left order in Opera 37.0.2192.105088 for Android, due to mishandling of several unicode characters such as U+FE70, U+0622, U+0623 etc and how they are rendered combined with first strong character such as an IP...

5.8CVSS7AI score0.00707EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/01/23 12:0 a.m.37 views

Fedora 24 : webkitgtk4 (2017-d317f6fb61)

This update addresses the following vulnerabilities : - CVE-2016-7656, CVE-2016-7635, CVE-2016-7654, CVE-2016-7639, CVE-2016-7645, CVE-2016-7652, CVE-2016-7641, CVE-2016-7632, CVE-2016-7599, CVE-2016-7592, CVE-2016-7589, CVE-2016-7623, CVE-2016-7586 Additional fixes : - Create GLX OpenGL contexts...

8.8CVSS6.5AI score0.02039EPSS
Exploits0References14
Rows per page
Query Builder