6683 matches found

seebug.org
added 2014/07/01 12:0 a.m. | 9 views

WebCalendar 0.9.x colors.php color XSS

No description provided by source. source: http://www.securityfocus.com/bid/8539/info It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilities in various modules. The issues exist in includes/js/colors.php, week.php, day.php, month.php, weekdetails.php,...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 26 views

phpldapadmin 0.9.8 copy_form.php dn Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 20 views

Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16167/info Microsoft Windows WMF graphics-rendering engine is affected by multiple memory-corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions. These problems present themselves...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 27 views

FloosieTek FTGatePro 1.22 Mail Server Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8528/info FloosieTek FTGatePro Mail Server is prone to a cross-site scripting vulnerability. A remote attacker could exploit this issue by enticing a legitimate user of the mail server to follow a malicious link with...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 15 views

Mozilla0.x,Netscape 3/4,Firefox 1.0 JavaScript IFRAME Rendering Denial Of Servic

No description provided by source. source: http://www.securityfocus.com/bid/11823/info Mozilla/Netscape and Firefox browsers are reported prone to a remote denial of service vulnerability. It is reported that the affected browsers will crash as a result of a NULL pointer dereference when a JavaScrip...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 24 views

PostMaster 3.16/3.17 Proxy Service Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9055/info PostMaster has been reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization that is performed by the proxy service on user-supplied data. An...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 10 views

FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11407/info FuseTalk Forum is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks. The cause of these issues is insufficient...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 57 views

e107 Website System 0.5/0.6 Log.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10395/info It is reported that e107 website system is prone to a remote HTML injection vulnerability. This issue is due to a failure by the application to properly sanitize user-supplied input. The problem presents itself...

7.1 AI score
Exploits: 0

RedHat Linux
added 2014/06/30 6:59 p.m. | 5 views

rubygem-actionpack: directory traversal issue

A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted...

7.5 CVSS | 7.2 AI score | 0.53703 EPSS
Exploits: 2 | References: 5

Tenable Nessus
added 2014/06/13 12:0 a.m. | 31 views

openSUSE Security Update : Mesa (openSUSE-2013-366)

This Mesa update fixes the following security bug: CVE-2013-1993: Integer overflows in XF86DRIOpenConnection and XF86DRIGetClientDriverName were fixed that could lead to client crashes when using a malicious X server. This update fixes the following issue for Mesa on openSUSE 12.3 : - bnc814947,...

6.8 CVSS | 5.4 AI score | 0.02687 EPSS
Exploits: 0 | References: 6

Tenable Nessus
added 2014/06/13 12:0 a.m. | 36 views

openSUSE Security Update : MozillaFirefox (MozillaFirefox-3422)

This update brings Mozilla Firefox to version 3.6.12, fixing various bugs and security issues. The following security issues were fixed: MFSA 2010-64: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of...

9.8 CVSS | 9 AI score | 0.83279 EPSS
Exploits: 16 | References: 13

Tenable Nessus
added 2014/06/13 12:0 a.m. | 54 views

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-2012-136)

update to version 1.11.1 to fix several security issues : - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class -...

10 CVSS | 7.5 AI score | 0.68914 EPSS
Exploits: 7 | References: 10

VulnCheck KEV
added 2014/06/06 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2013-0074

Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers to execute code via a crafted Silverlight application...

9.3 CVSS | 7.5 AI score | 0.81868 EPSS
Exploits: 8 | References: 1

NVD
added 2014/05/22 11:14 a.m. | 22 views

CVE-2014-0955

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

4.3 CVSS | 5.1 AI score | 0.01788 EPSS
Exploits: 0 | References: 3

Prion
added 2014/05/22 11:14 a.m. | 17 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

4.3 CVSS | 5.4 AI score | 0.01788 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2014/05/22 10:0 a.m. | 28 views

CVE-2014-0955

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

5.1 AI score | 0.01788 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2014/05/15 5:18 p.m. | 5 views

rubygem-actionpack: directory traversal issue

A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted...

7.5 CVSS | 7.2 AI score | 0.53703 EPSS
Exploits: 2 | References: 5

ThreatPost
added 2014/04/30 1:23 p.m. | 29 views

Two New Vulnerabilities Linked to Latest IE Zero Day

UPDATE – Researchers at Websense said today they may have isolated two components within the VGX library that are being exploited by attackers targeting the latest Internet Explorer zero-day vulnerability. By combing through millions of Windows crash reports sent via the Windows Error Reporting...

10 CVSS | 0.7 AI score | 0.99945 EPSS
Exploits: 34 | References: 1

OPENSUSE Linux
added 2014/04/30 9:4 a.m. | 50 views

MozillaThunderbird,seamonkey (important)

Mozilla Thunderbird was updated to 24.4.0. Mozilla SeaMonkey was updated to 2.25. MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards MFSA 2014-17/CVE-2014-1497 bmo966311 Out of bounds read during WAV file decoding MFSA 2014-18/CVE-2014-1498 bmo935618...

9.3 CVSS | 1 AI score | 0.83633 EPSS
Exploits: 20 | References: 1

Mozilla
added 2014/04/29 12:0 a.m. | 47 views

Firefox for Android addressbar suppression — Mozilla

Security researcher Juho Nurminen reported that on Firefox for Android, when the addressbar has been scrolled off screen, an attacker can prevent it from rendering again through the use of script interacting DOM events. This allows an attacker to present a fake addressbar to the user, possibly...

5 CVSS | 8.9 AI score | 0.01495 EPSS
Exploits: 0 | References: 2 | Affected Software: 1