Lucene search

6682 matches found

Tenable Nessus
added 2014/03/06 12:0 a.m. | 50 views

FreeBSD : chromium -- multiple vulnerabilities (b4023753-a4ba-11e3-bec2-00262d5ed8ee)

Google Chrome Releases reports : 19 vulnerabilities fixed in this release, including : - 344492 High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG. - 326854 High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani. - 337882 High CVE-2013-666...

CVSS 7.5 | AI score 7.8 | EPSS 0.05428
Exploits: 1 | References: 8

ThreatPost
added 2014/03/04 10:55 a.m. | 38 views

Google Fixes Nearly 20 Bugs in Chrome 33

Google has fixed 19 security flaws in its Chrome browser, including more than a dozen high-risk bugs. The company paid out $3,500 in rewards to security researchers who reported flaws. Two of the high-risk vulnerabilities fixed in Chrome 33 are use-after-free flaws, one in SVG images and the othe...

CVSS 7.5 | AI score 2 | EPSS 0.01781
Exploits: 1

Tenable Nessus
added 2014/03/04 12:0 a.m. | 37 views

Google Chrome < 33.0.1750.146 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.146. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling SVG images and speech recognition processing. CVE-2013-6663, CVE-2013-6664 - An...

CVSS 7.5 | AI score 8.1 | EPSS 0.05428
Exploits: 1 | References: 7

Tenable Nessus
added 2014/03/04 12:0 a.m. | 45 views

Google Chrome < 33.0.1750.146 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.146. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling SVG images and speech recognition processing. CVE-2013-6663, CVE-2013-6664 - An error exis...

CVSS 7.5 | AI score 7.2 | EPSS 0.05428
Exploits: 1 | References: 7

FreeBSD
added 2014/03/03 12:0 a.m. | 46 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 19 vulnerabilities fixed in this release, including: 344492 High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG. 326854 High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani. 337882 High CVE-2013-6665: Heap...

CVSS 7.5 | AI score 1.5 | EPSS 0.05428
Exploits: 1 | References: 1

Google Chrome Security Advisories
added 2014/03/03 12:0 a.m. | 36 views

Stable Channel Update

The Stable Channel has been updated to 33.0.1750.146 for Windows, Mac, and Linux. Security Fixes and Rewards: This update includes 19 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page fo...

CVSS 7.5 | AI score 8.9 | EPSS 0.05428
Exploits: 1 | Affected Software: 1

Atlassian
added 2014/02/25 3:59 a.m. | 19 views

Velocity XSS in $space.name

I got the following email from Ulrich Kuhnhardt: While we were doing some testing with XSS for the shiny new Publishing plugin we found that the velocity renderer does not escape $space.name. To reproduce: Create a space with name 'alert'bang'css'. Create a user macro 'simple-space-name' in...

AI score 0.3
Exploits: 0

Atlassian
added 2014/02/18 12:1 a.m. | 19 views

Content Spoofing in the createrssfeed action

A third party scan found that the createrssfeed action is vulnerable to content spoofing (https://www.owasp.org/index.php/ContentSpoofing), specifically text injection. In this case the content spoofing may be used to perform a phishing attack on users. How to reproduce: 1. go to...

AI score 0.2
Exploits: 0 | Affected Software: 1

Fedora
added 2014/02/06 3:44 a.m. | 11 views

[SECURITY] Fedora 19 Update: mupdf-1.1-5.fc19

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

AI score 0.6
Exploits: 0

Tenable Nessus
added 2014/02/04 12:0 a.m. | 20 views

Pidgin < 2.10.8 Multiple Vulnerabilities

The version of Pidgin installed on the remote host is a version prior to 2.10.8. It is, therefore, potentially affected by the following vulnerabilities : - The bundled version of Pango has an error that can lead to an application crash when rendering fonts and attempting to display certain Unico...

CVSS 10 | AI score 5.8 | EPSS 0.14809
Exploits: 0 | References: 32

Gentoo Linux
added 2014/01/21 12:0 a.m. | 37 views

Poppler: Multiple vulnerabilities

Background: Poppler is a cross-platform PDF rendering library originally based on Xpdf. Description: Multiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could entice a user to open a specially crafted PDF...

CVSS 7.5 | AI score 8.3 | EPSS 0.10483
Exploits: 1

Fedora
added 2014/01/05 6:7 a.m. | 13 views

[SECURITY] Fedora 20 Update: poppler-0.24.3-3.fc20

Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC...

AI score 2.2
Exploits: 0

Prion
added 2013/12/30 4:53 a.m. | 18 views

Cross site scripting

Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp...

CVSS 2.9 | AI score 6 | EPSS 0.03758
Exploits: 7 | References: 2 | Affected Software: 1

Prion
added 2013/12/22 3:16 p.m. | 15 views

Design/Logic Flaw

IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in ...

CVSS 4.3 | AI score 6.5 | EPSS 0.01204
Exploits: 0 | References: 5 | Affected Software: 1

RedHat Linux
added 2013/12/11 5:22 p.m. | 5 views

Mozilla: Out-of-bounds read in image rendering (MFSA 2013-22)

The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image...

CVSS 5.8 | AI score 7.4 | EPSS 0.01958
Exploits: 0 | References: 5

RedHat Linux
added 2013/12/11 5:26 a.m. | 4 views

Mozilla: Out-of-bounds read in image rendering (MFSA 2013-22)

The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image...

CVSS 5.8 | AI score 7.4 | EPSS 0.01958
Exploits: 0 | References: 5

Fedora
added 2013/12/09 2:0 a.m. | 15 views

[SECURITY] Fedora 18 Update: php-symfony2-Form-2.2.10-1.fc18

Form provides tools for defining forms, rendering and binding request data to related models. Furthermore it provides integration with the Validation component...

CVSS 5 | AI score 2.2 | EPSS 0.01868
Exploits: 0

Prion
added 2013/12/07 8:55 p.m. | 11 views

Design/Logic Flaw

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a...

CVSS 4.9 | AI score 6.6 | EPSS 0.01569
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2013/12/07 8:0 p.m. | 50 views

CVE-2013-4445

The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access token for a block by leveraging the token from a...

AI score 6 | EPSS 0.01569
Exploits: 0 | References: 6

OpenVAS
added 2013/11/18 12:0 a.m. | 33 views

Fedora Update for poppler FEDORA-2013-20443

Check for the Version of poppler. OpenVAS Vulnerability Test: Fedora Update for poppler FEDORA-2013-20443. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 7.5 | EPSS 0.10483
Exploits: 1 | References: 2