Lucene search
K

6991 matches found

OpenVAS
OpenVAS
added 2009/09/23 12:0 a.m.35 views

Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability

Google Chrome is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.3AI score0.03497EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2009/09/23 12:0 a.m.30 views

Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability

This host is installed with Google Chrome and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromegetsvgdocumentxssvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability Authors: Sharath S...

4.3CVSS6AI score0.03497EPSS
Exploits0References3
Prion
Prion
added 2009/09/18 10:30 p.m.22 views

Cross site scripting

The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG...

4.3CVSS6.2AI score0.03497EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2009/09/18 10:30 p.m.39 views

CVE-2009-3264

The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG...

4.3CVSS5.8AI score0.03497EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2009/09/18 10:0 p.m.24 views

CVE-2009-3264

Removed by vendor...

4.3CVSS6.9AI score0.03497EPSS
Exploits0
Cvelist
Cvelist
added 2009/09/18 10:0 p.m.27 views

CVE-2009-3264

The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG...

5.8AI score0.03497EPSS
Exploits0References5
CVE
CVE
added 2009/09/18 10:0 p.m.81 views

CVE-2009-3264

Google Chrome before 3.0.195.21 is affected by CVE-2009-3264: getSVGDocument omits an access check, allowing remote servers to bypass Same Origin Policy and trigger cross-site scripting via unspecified vectors related to visiting an SVG-hosting page. The vulnerability is documented in multiple fe...

4.3CVSS5.8AI score0.03497EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/09/15 12:0 a.m.41 views

Google Chrome < 3.0.195.21 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 3.0.195.21. Such versions are reportedly affected by multiple issues : - Google Chrome's inbuilt RSS/ATOM reader renders untrusted JavaScript in an RSS/ATOM feed. Provided a victim connects to a RSS/ATOM feed link controlle...

4.3CVSS6.1AI score0.03497EPSS
Exploits1References6
securityvulns
securityvulns
added 2009/08/25 12:0 a.m.74 views

Update Scanner - Firefox Extension - Chrome Privileged Code Injection

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Update Scanner Chrome Privileged Code Injection +-----------+ |Description| +-----------+ Security-Assessment.com discovered that Update Scanner is vulnerable to Cross Site Scriptin...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/08/25 12:0 a.m.38 views

WizzRSS Firefox Extension - Privileged Code Injection

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. WizzRSS Firefox Extension Code Injection Vulnerability Versions affected: WizzRSS Reader 3.1.0.0 WizzRSS Reader Lite 3.0.0.9b +-----------+ |Description| +-----------+ The WizzRSS...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2009/08/25 12:0 a.m.58 views

ScribeFire Firefox Extension - Privileged Code Injection

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ScribeFire Firefox Extension Code Injection Vulnerability Versions affected: 3.4.2 +-----------+ |Description| +-----------+ The ScribeFire Firefox extension provides an interface f...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2009/08/25 12:0 a.m.69 views

CoolPreviews - Firefox Extension - Chrome Privileged Code Injection

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. CoolPreviews Chrome Privileged Code Injection +-----------+ |Description| +-----------+ Security-Assessment.com discovered that Coolpreviews stack feature is vulnerable to Cross Sit...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2009/08/25 12:0 a.m.51 views

Feed Sidebar Firefox Extension - Privileged Code Injection

, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Feed Sidebar Firefox Extension Code Injection Vulnerability Versions affected: 3.2 +-----------+ |Description| +-----------+ The Feed Sidebar Firefox extension will generate a previ...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/08/24 12:0 a.m.46 views

RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2008:0210)

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runti...

10CVSS8.7AI score0.16899EPSS
Exploits2References21
Tenable Nessus
Tenable Nessus
added 2009/08/24 12:0 a.m.39 views

RHEL 4 / 5 : java-1.5.0-sun (RHSA-2008:0186)

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment JRE contains the...

9.3CVSS8.7AI score0.16899EPSS
Exploits2References31
Tenable Nessus
Tenable Nessus
added 2009/08/24 12:0 a.m.41 views

RHEL 5 : java-1.4.2-ibm (RHSA-2008:0955)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0955 advisory. - Java RE allows Same Origin Policy to be Bypassed 6687932 CVE-2008-3104 - Java Web Start, arbitrary file creation 6703909 CVE-2008-3112 -...

10CVSS5.8AI score0.25727EPSS
Exploits1References11
Prion
Prion
added 2009/07/22 6:30 p.m.22 views

Cross site scripting

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

4.3CVSS5.7AI score0.02243EPSS
Exploits1References18Affected Software6
NVD
NVD
added 2009/07/22 6:30 p.m.22 views

CVE-2009-2472

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

4.3CVSS5.4AI score0.02243EPSS
Exploits1References18
CVE
CVE
added 2009/07/22 6:0 p.m.90 views

CVE-2009-2472

Affected software: Mozilla Firefox before 3.0.12 (as per CVE-2009-2472). Issue: during object construction, Firefox did not always use XPCCrossOriginWrapper, allowing bypass of the Same Origin Policy and enabling cross-site scripting (XSS) via a crafted document. Impact: potential XSS vulnerabili...

4.3CVSS7.5AI score0.02243EPSS
Exploits1References18Affected Software1
RedHat Linux
RedHat Linux
added 2009/07/22 12:27 a.m.5 views

Mozilla multiple cross origin wrapper bypasses

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

4.3CVSS5.7AI score0.02243EPSS
Exploits1References4
Rows per page
Query Builder