
6987 matches found

Hacker One
added 2014/03/11 12:0 a.m. | 100 views

Internet Bug Bounty: Same Origin Security Bypass Vulnerability

This bug was reported directly to Adobe. http://helpx.adobe.com/security/products/flash-player/apsb14-08.html...

6.4 CVSS | 6.3 AI score | 0.04293 EPSS
Exploits: 0

Tenable Nessus
added 2014/03/11 12:0 a.m. | 39 views

Flash Player for Mac <= 11.7.700.269 / 12.0.0.70 Multiple Vulnerabilities (APSB14-08) (Mac OS X)

According to its version, the instance of Flash Player installed on the remote Mac OS X host is equal or prior to 11.7.700.269 / 11.8.x / 11.9.x / 12.0.0.70. It is, therefore, potentially affected by multiple vulnerabilities : - A vulnerability exists that could be used to bypass the same origin...

6.4 CVSS | 6 AI score | 0.04293 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2014/03/11 12:0 a.m. | 48 views

MS KB2938527: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

The remote host is missing KB2938527. It is, therefore, affected by multiple vulnerabilities : - A vulnerability exists that could be used to bypass the same origin policy. CVE-2014-0503 - A vulnerability exists that could be used to read the contents of the clipboard. CVE-2014-0504 C Tenable...

6.4 CVSS | 6 AI score | 0.04293 EPSS
Exploits: 0 | References: 5

Tenable Nessus
added 2014/03/11 12:0 a.m. | 30 views

Flash Player <= 11.7.700.269 / 12.0.0.70 Multiple Vulnerabilities (APSB14-08)

According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.269 / 11.8.x / 11.9.x / 12.0.0.70. It is, therefore, potentially affected by multiple vulnerabilities: - A vulnerability exists that could be used to bypass the same origin...

6.4 CVSS | 6 AI score | 0.04293 EPSS
Exploits: 0 | References: 3

OpenVAS
added 2014/02/26 12:0 a.m. | 20 views

ASUS Router Multiple Vulnerabilities

The host is running ASUS Router and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodasusroutersmultvuln.nasl 6663 2017-07-11 09:58:05Z teissa $ ASUS Router Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright (C) 2014 SecPod, http://www.secpod.com This...

4.3 CVSS | 0.7 AI score | 0.02146 EPSS
Exploits: 1 | References: 2

NVD
added 2014/02/24 4:48 a.m. | 16 views

CVE-2013-6657

core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...

6.4 CVSS | 5.3 AI score | 0.01159 EPSS
Exploits: 1 | References: 5

UbuntuCve
added 2014/02/24 4:48 a.m. | 33 views

CVE-2013-6657

core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...

6.4 CVSS | 7.2 AI score | 0.01159 EPSS
Exploits: 1 | References: 4

Prion
added 2014/02/24 4:48 a.m. | 20 views

Design/Logic Flaw

core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...

6.4 CVSS | 5.6 AI score | 0.01159 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2014/02/24 2:0 a.m. | 27 views

CVE-2013-6657

core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information vi...

5.2 AI score | 0.01159 EPSS
Exploits: 1 | References: 5

CVE
added 2014/02/24 2:0 a.m. | 94 views

CVE-2013-6657

CVE-2013-6657 affects Blink’s XSS auditor in Google Chrome prior to 33.0.1750.117. The description from multiple sources states that the XSS auditor’s handling of FORM elements within HTTP requests could insert the about:blank URL, enabling a bypass of the Same Origin Policy and allowing a leakag...

6.4 CVSS | 5.3 AI score | 0.01159 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Debian CVE
added 2014/02/24 2:0 a.m. | 29 views

CVE-2013-6657

Removed by vendor...

6.4 CVSS | 9.4 AI score | 0.01159 EPSS
Exploits: 1

NVD
added 2014/02/12 4:50 a.m. | 23 views

CVE-2014-0266

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to...

7.1 CVSS | 6.3 AI score | 0.1941 EPSS
Exploits: 1 | References: 4

Prion
added 2014/02/12 4:50 a.m. | 23 views

Information disclosure

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to...

7.1 CVSS | 6.8 AI score | 0.1941 EPSS
Exploits: 1 | References: 4 | Affected Software: 6

CVE
added 2014/02/12 2:0 a.m. | 99 views

CVE-2014-0266

CVE-2014-0266 (MS14-005) affects Microsoft XML Core Services (MSXML) 3.0 used by Internet Explorer. The root cause is an information-disclosure vulnerability in the MSXML ActiveX controls that can be triggered when a user visits a specially crafted web page, allowing remote attackers to bypass th...

7.1 CVSS | 6.3 AI score | 0.1941 EPSS
Exploits: 1 | References: 4 | Affected Software: 10

OpenVAS
added 2014/02/11 12:0 a.m. | 33 views

CentOS Update for thunderbird CESA-2014:0133 centos5

Check for the Version of thunderbird OpenVAS Vulnerability Test CentOS Update for thunderbird CESA-2014:0133 centos5 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

10 CVSS | 0.5 AI score | 0.07072 EPSS
Exploits: 7 | References: 2

OpenVAS
added 2014/02/11 12:0 a.m. | 26 views

CentOS Update for firefox CESA-2014:0132 centos5

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2014:0132 centos5 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

10 CVSS | 0.7 AI score | 0.07072 EPSS
Exploits: 7 | References: 2

OpenVAS
added 2014/02/11 12:0 a.m. | 30 views

CentOS Update for firefox CESA-2014:0132 centos6

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2014:0132 centos6 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

10 CVSS | 0.7 AI score | 0.07072 EPSS
Exploits: 7 | References: 2

Mageia
added 2014/02/06 8:2 p.m. | 56 views

Updated Firefox & Thunderbird packages fix multiple security vulnerabilities

Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...

10 CVSS | 9.3 AI score | 0.07072 EPSS
Exploits: 7 | References: 11

NVD
added 2014/02/06 5:44 a.m. | 17 views

CVE-2014-1487

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages...

7.5 CVSS | 8.4 AI score | 0.02335 EPSS
Exploits: 1 | References: 33

NVD
added 2014/02/06 5:44 a.m. | 16 views

CVE-2014-1483

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint...

5 CVSS | 9.2 AI score | 0.02467 EPSS
Exploits: 0 | References: 19