
6983 matches found

Tenable Nessus
added 2014/09/11 12:0 a.m. | 32 views

RHEL 5 / 6 : flash-plugin (RHSA-2014:1173)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...

CVSS 10 | AI score 8 | EPSS 0.84178
Exploits 7 | References 26
RedHat Linux
added 2014/09/10 10:55 a.m. | 44 views

Critical: Red Hat Security Advisory: flash-plugin security update

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...

CVSS 10 | AI score 7.2 | EPSS 0.84178
Exploits 7 | References 4
RedHat Linux
added 2014/09/10 10:55 a.m. | 1 views

flash-plugin: same origin policy bypass (APSB14-21)

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...

CVSS 7.5 | AI score 5.9 | EPSS 0.04816
Exploits 0 | References 5
NVD
added 2014/09/10 1:55 a.m. | 14 views

CVE-2014-0548

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...

CVSS 7.5 | AI score 6.6 | EPSS 0.04816
Exploits 0 | References 9
UbuntuCve
added 2014/09/10 1:55 a.m. | 17 views

CVE-2014-0548

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...

CVSS 7.5 | AI score 5.9 | EPSS 0.04816
Exploits 0 | References 2
Prion
added 2014/09/10 1:55 a.m. | 16 views

Design/Logic Flaw

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...

CVSS 7.5 | AI score 7.1 | EPSS 0.04816
Exploits 0 | References 9 | Affected Software 3
OSV
added 2014/09/10 1:55 a.m. | 2 views

UBUNTU-CVE-2014-0548

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...

CVSS 7.5 | AI score 5.8 | EPSS 0.04816
Exploits 0 | References 3
Cvelist
added 2014/09/10 1:0 a.m. | 19 views

CVE-2014-0548

Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow...

AI score 6.5 | EPSS 0.04816
Exploits 0 | References 9
CVE
added 2014/09/10 1:0 a.m. | 70 views

CVE-2014-0548

Summary (CVE-2014-0548) : Adobe Flash Player (and related AIR SDK packages) contains a vulnerability that could allow a remote bypass of the Same Origin Policy. The Mageia advisory MGASA-2014-0382 notes that Flash Player 11.2.202.406 fixes multiple security issues, including a bypass of the same-...

CVSS 7.5 | AI score 6.5 | EPSS 0.04816
Exploits 0 | References 9 | Affected Software 1
UbuntuCve
added 2014/09/10 12:0 a.m. | 31 views

CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

CVSS 5 | AI score 7 | EPSS 0.04876
Exploits 0 | References 3
OSV
added 2014/09/10 12:0 a.m. | 1 views

UBUNTU-CVE-2014-3620

cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain...

CVSS 5 | AI score 6.9 | EPSS 0.04876
Exploits 0 | References 4
Check Point Advisories
added 2014/09/09 12:0 a.m. | 4 views

Adobe Flash Player Same Origin Policy Bypass (APSB14-14; CVE-2014-0516)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

CVSS 7.5 | AI score 4.1 | EPSS 0.03912
Exploits 0
0day.today
added 2014/09/04 12:0 a.m. | 41 views

Android Browser Same Origin Policy Bypass Vulnerability

A SOP bypass occurs when a sitea.com is somehow able to access the properties of siteb.com such as cookies, location, response etc. Due to the nature of the issue and potential impact, this is very rarely found in modern browsers. However, they are found once in a while. Vulnerability: Android...

AI score 7
Exploits 0
NVD
added 2014/09/02 10:55 a.m. | 30 views

CVE-2014-6041

The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...

CVSS 5.8 | AI score 6.6 | EPSS 0.18278
Exploits 7 | References 8
Prion
added 2014/09/02 10:55 a.m. | 20 views

Design/Logic Flaw

The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...

CVSS 5.8 | AI score 7.2 | EPSS 0.18278
Exploits 7 | References 8 | Affected Software 1
CVE
added 2014/09/02 10:0 a.m. | 129 views

CVE-2014-6041

CVE-2014-6041 is a UXSS/SOP bypass in Android’s stock browser (AOSP) prior to 4.4 and in WebView, enabling cross-site script execution via crafted input containing a null character. Affected: Android stock browser before 4.4 and apps using WebView. Impact: partial confidentiality and integrity th...

CVSS 5.8 | AI score 8.2 | EPSS 0.18278
Exploits 7 | References 8 | Affected Software 1
Cvelist
added 2014/09/02 10:0 a.m. | 25 views

CVE-2014-6041

The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...

AI score 8.4 | EPSS 0.18278
Exploits 7 | References 8
Packet Storm
added 2014/09/01 12:0 a.m. | 26 views

Android Browser Same Origin Policy Bypass

Vulnerability: Android Browser Same Origin Policy Bypass Impact: High/Critical Authors: Rafay Baloch Company: RHAinfoSEC Website: http://rhainfosec.com http://rafayhackingarticles.net Introduction Same Origin Policy (SOP) is one of the most important security mechanisms that are applied in modern...

Exploits 0
Tenable Nessus
added 2014/08/12 12:0 a.m. | 36 views

openSUSE Security Update : chromium (openSUSE-SU-2014:0982-1)

Chromium was updated to version 36.0.1985.125. New Functionality : - Rich Notifications Improvements - An Updated Incognito / Guest NTP design - The addition of a Browser crash recovery bubble - Chrome App Launcher for Linux - Lots of under the hood changes for stability and performance Security...

CVSS 7.5 | AI score 8.2 | EPSS 0.01745
Exploits 0 | References 12
OPENSUSE Linux
added 2014/08/11 10:9 a.m. | 30 views

chromium: update to 36.0.1985.125 (important)

Chromium was updated to version 36.0.1985.125. New Functionality: Rich Notifications Improvements An Updated Incognito / Guest NTP design The addition of a Browser crash recovery bubble Chrome App Launcher for Linux Lots of under the hood changes for stability and performance Security Fixes...

CVSS 7.5 | AI score 0.4 | EPSS 0.01745
Exploits 0 | References 5