Lucene search
K

6987 matches found

UbuntuCve
UbuntuCve
added 2014/04/09 10:57 a.m.28 views

CVE-2014-1726

The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access...

4.3CVSS7.2AI score0.01405EPSS
Exploits1References4
OSV
OSV
added 2014/04/09 10:57 a.m.2 views

UBUNTU-CVE-2014-1726

The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access...

4.3CVSS7.3AI score0.01405EPSS
Exploits1References5
CVE
CVE
added 2014/04/09 10:0 a.m.70 views

CVE-2014-1726

CVE-2014-1726 affects Google Chrome up to version 34.0.1847.116. The vulnerability arises in the drag implementation, enabling a user-assisted remote attacker to bypass the Same Origin Policy and forge local pathnames by exploiting renderer access. The issue is described across multiple public ad...

4.3CVSS5.9AI score0.01405EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2014/04/09 10:0 a.m.29 views

CVE-2014-1726

The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access...

5.8AI score0.01405EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2014/04/09 10:0 a.m.21 views

CVE-2014-1726

Removed by vendor...

4.3CVSS9.4AI score0.01405EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/03/25 12:0 a.m.47 views

Debian DSA-2883-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. - CVE-2013-6654 TheShow3511 discovered an issue in SVG handling. - CVE-2013-6655 cloudfuzzer discovered a use-after-fr...

10CVSS7.9AI score0.05807EPSS
Exploits5References48
OpenVAS
OpenVAS
added 2014/03/22 12:0 a.m.40 views

Debian: Security Advisory (DSA-2883-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.05807EPSS
Exploits5References3
RedHat Linux
RedHat Linux
added 2014/03/19 5:26 p.m.8 views

Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

9.1CVSS7AI score0.0427EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2014/03/19 5:26 p.m.6 views

Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...

7.5CVSS6.9AI score0.04002EPSS
Exploits3References5
NVD
NVD
added 2014/03/19 10:55 a.m.19 views

CVE-2014-1502

The 1 WebGL.compressedTexImage2D and 2 WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors...

6.8CVSS9.3AI score0.01147EPSS
Exploits0References8
NVD
NVD
added 2014/03/19 10:55 a.m.17 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection...

5.8CVSS9.1AI score0.01568EPSS
Exploits0References4
Prion
Prion
added 2014/03/19 10:55 a.m.22 views

Design/Logic Flaw

The 1 WebGL.compressedTexImage2D and 2 WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors...

6.8CVSS7AI score0.01147EPSS
Exploits0References8Affected Software7
UbuntuCve
UbuntuCve
added 2014/03/19 10:55 a.m.40 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection...

5.8CVSS6AI score0.01568EPSS
Exploits0References2
Prion
Prion
added 2014/03/19 10:55 a.m.26 views

Design/Logic Flaw

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection...

5.8CVSS7.2AI score0.01568EPSS
Exploits0References4Affected Software5
ATTACKERKB
ATTACKERKB
added 2014/03/19 10:55 a.m.9 views

CVE-2014-1508

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service out-of-bounds read and application...

9.1CVSS7.5AI score0.0427EPSS
Exploits1References15
Prion
Prion
added 2014/03/19 10:55 a.m.30 views

Information disclosure

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...

5CVSS6.7AI score0.04002EPSS
Exploits3References14Affected Software17
ATTACKERKB
ATTACKERKB
added 2014/03/19 10:55 a.m.5 views

CVE-2014-1505

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...

7.5CVSS8.5AI score0.04002EPSS
Exploits3References15
Cvelist
Cvelist
added 2014/03/19 10:0 a.m.25 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection...

9.1AI score0.01568EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/03/19 10:0 a.m.37 views

CVE-2014-1505

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a differen...

8.2AI score0.04002EPSS
Exploits3References14
CVE
CVE
added 2014/03/19 10:0 a.m.66 views

CVE-2014-1501

Mozilla Firefox for Android is affected (before 28.0). The issue allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via the Open Link in New Tab action, enabling local file access from web content. The root cause is a Same Origin Policy bypass in the Android ...

5.8CVSS8.9AI score0.01568EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder