
6682 matches found

Atlassian
added 2014/10/27 10:1 p.m. | 25 views

HTML does not render in Project Description

If you enter HTML into the project description it does not get rendered. Reproduced this on a clean 6.3.8 instance. Looks like this has happened in the past: https://jira.atlassian.com/browse/JRA-20032 https://jira.atlassian.com/browse/JRA-15906 Regression? Or possibly a different root cause?...

0.4 AI score | Exploits 0 | Affected Software 1
Atlassian
added 2014/10/27 10:1 p.m. | 18 views

HTML does not render in Project Description

If you enter HTML into the project description it does not get rendered. Reproduced this on a clean 6.3.8 instance. Looks like this has happened in the past: https://jira.atlassian.com/browse/JRA-20032 https://jira.atlassian.com/browse/JRA-15906 Regression? Or possibly a different root cause?...

0.4 AI score | Exploits 0
OpenVAS
added 2014/10/16 12:0 a.m. | 44 views

Google Chrome Multiple Vulnerabilities - 01 (Oct 2014) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

10 CVSS | 6.1 AI score | 0.0595 EPSS | Exploits 0 | References 5
OpenVAS
added 2014/10/16 12:0 a.m. | 32 views

Google Chrome Multiple Vulnerabilities - 01 (Oct 2014) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

10 CVSS | 6.1 AI score | 0.0595 EPSS | Exploits 0 | References 5
Cvelist
added 2014/10/15 10:0 a.m. | 23 views

CVE-2014-1580

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element...

8.9 AI score | 0.02226 EPSS | Exploits 0 | References 13
Tenable Nessus
added 2014/10/15 12:0 a.m. | 31 views

Firefox < 33.0 Multiple Vulnerabilities

The version of Firefox installed on the remote Windows host is a version prior to 33.0. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary...

7.5 CVSS | 7.5 AI score | 0.0527 EPSS | Exploits 1 | References 21
UbuntuCve
added 2014/10/14 12:0 a.m. | 28 views

CVE-2014-1580

Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element...

5 CVSS | 6.9 AI score | 0.02226 EPSS | Exploits 0 | References 3
Mozilla
added 2014/10/14 12:0 a.m. | 51 views

Further uninitialized memory use during GIF rendering — Mozilla

Google security researcher Michal Zalewski reported that when a malformed GIF image is repeatedly rendered within a <canvas> element, memory may not always be properly initialized. The resulting series of images then uses this uninitialized memory during rendering, allowing data to potentially leak to web...

5 CVSS | 8.9 AI score | 0.02226 EPSS | Exploits 0 | References 2 | Affected Software 3
Prion
added 2014/10/10 1:55 a.m. | 22 views

Design/Logic Flaw

core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar...

5 CVSS | 6.7 AI score | 0.0077 EPSS | Exploits 0 | References 3 | Affected Software 1
Debian CVE
added 2014/10/10 1:0 a.m. | 18 views

CVE-2014-3201

Removed by vendor...

5 CVSS | 6.9 AI score | 0.0077 EPSS | Exploits 0
ThreatPost
added 2014/10/09 7:2 a.m. | 41 views

Google Fixes 159 Flaws in Chrome

Google updates its Chrome browser on a very aggressive timeline, often a couple of times a month. Usually, each update includes a handful of security fixes, maybe 12 or 15. On Tuesday, the company released Chrome 38, which patched a staggering 159 vulnerabilities. The huge majority of those...

10 CVSS | 0.4 AI score | 0.0595 EPSS | Exploits 0 | References 1
Tenable Nessus
added 2014/10/09 12:0 a.m. | 38 views

FreeBSD : chromium -- multiple vulnerabilities (d2bbcc01-4ec3-11e4-ab3f-00262d5ed8ee)

Google Chrome Releases reports : 159 security fixes in this release, including 113 found using MemorySanitizer : - 416449 Critical CVE-2014-3188: A special thanks to Juri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox. - 398384 High...

10 CVSS | 6.9 AI score | 0.0595 EPSS | Exploits 0 | References 15
Atlassian
added 2014/10/07 4:8 a.m. | 17 views

"Recently updated" plugin can be used to reflect arbitrary static content to browser

This request: /plugins/recently-updated/changes.action?theme=XXXXXXXX results in the response: HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Cache-Control: no-cache, must-revalidate Expires: Thu, 01 Jan 1970 00:00:00 GMT X-Confluence-Request-Time: 1412654577325...

0.1 AI score | Exploits 0 | Affected Software 1
Tenable Nessus
added 2014/10/07 12:0 a.m. | 34 views

Google Chrome < 38.0.2125.101 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities : - A flaw exists in V8 and IPC that can lead to remote code execution. CVE-2014-3188 - Out-of-bounds read errors exist in PDFium. CVE-2014-318...

10 CVSS | 6.9 AI score | 0.0595 EPSS | Exploits 0 | References 15
Prion
added 2014/10/03 1:55 a.m. | 16 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search...

3.5 CVSS | 5.5 AI score | 0.01617 EPSS | Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2014/10/03 1:0 a.m. | 20 views

CVE-2014-7217

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ENUM value that is improperly handled during rendering of the (1) table search...

5.1 AI score | 0.01617 EPSS | Exploits 0 | References 6
Tenable Nessus
added 2014/09/12 12:0 a.m. | 38 views

Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2330-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2330-1 advisory. Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in...

10 CVSS | 8.1 AI score | 0.05801 EPSS | Exploits 1 | References 7
Ubuntu
added 2014/09/11 10:31 p.m. | 57 views

USN-2330-1: Thunderbird vulnerabilities

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to...

10 CVSS | 8.1 AI score | 0.05801 EPSS | Exploits 1
OSV
added 2014/09/11 10:31 p.m. | 3 views

USN-2330-1 thunderbird vulnerabilities

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to...

10 CVSS | 7 AI score | 0.05801 EPSS | Exploits 1 | References 7
Tenable Nessus
added 2014/09/10 12:0 a.m. | 42 views

Google Chrome < 37.0.2062.120 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.120. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists related to rendering that allows a remote attacker to execute arbitrary code. CVE-2014-3178 - Unspecified...

10 CVSS | 7.8 AI score | 0.84178 EPSS | Exploits 7 | References 15