CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8421 matches found

Tenable Nessus•added 2019/08/12 12:0 a.m.•47 views

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0148)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being fre...

10CVSS8.2AI score0.12658EPSS

Exploits1References10

Tenable Nessus•added 2019/08/12 12:0 a.m.•45 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0088)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - pngimagefree in png.c in libpng 1.6.36 has a use- after-free because pngimagefreefunction is called under pngsafeexecute. CVE-2019-7317 -...

9.8CVSS7.1AI score0.09393EPSS

Exploits3References13

RedHat Linux•added 2019/08/06 12:11 p.m.•3 views

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

4.7CVSS6.7AI score0.03418EPSS

Exploits4References6

OSV•added 2019/07/31 10:15 p.m.•3 views

UBUNTU-CVE-2019-10189

A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...

4.3CVSS6.1AI score0.00888EPSS

Exploits0References4

Kitploit•added 2019/07/31 12:56 p.m.•225 views

Xssizer - The Best Tool To Find And Prove XSS Flaws

According to WikiPedia Cross-site scripting is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access...

0.1AI score

Exploits0References1

OpenVAS•added 2019/07/31 12:0 a.m.•45 views

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2019:1813-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.1AI score0.20271EPSS

Exploits2References2

OpenVAS•added 2019/07/30 12:0 a.m.•132 views

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2019:1811-1)

9.8CVSS8.1AI score0.20271EPSS

Exploits2References2

OPENSUSE Linux•added 2019/07/30 12:0 a.m.•218 views

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:1813-1 Rating: important References: 1140868 Cross-References: CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730...

9.8CVSS6.7AI score0.20271EPSS

Exploits2References1

Tenable Nessus•added 2019/07/26 12:0 a.m.•53 views

Ubuntu 16.04 LTS / 18.04 LTS : Firefox regressions (USN-4054-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4054-2 advisory. USN-4054-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the...

5.6AI score

Exploits0References1

OSV•added 2019/07/25 8:3 p.m.•1 views

USN-4054-2 firefox regressions

USN-4054-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pac...

5.9AI score

Exploits0References2

0day.today•added 2019/07/25 12:0 a.m.•67 views

WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads Exploit

BACKGROUND As lokihardt@ has demonstrated in https://bugs.chromium.org/p/project-zero/issues/detail?id=1121, WebKit's support of the obsolete showModalDialog method gives an attacker the ability to perform synchronous cross-origin page loads. In certain conditions, this might lead to...

6.1CVSS7.6AI score0.04558EPSS

Exploits1

Exploit DB•added 2019/07/25 12:0 a.m.•299 views

WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads

7.4AI score

Exploits0

NVD•added 2019/07/23 2:15 p.m.•20 views

CVE-2019-9817

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

5.3CVSS5.3AI score0.00825EPSS

Exploits0References4

OSV•added 2019/07/23 2:15 p.m.•0 views

DEBIAN-CVE-2019-9817

5.3CVSS8.7AI score0.00825EPSS

Exploits0References1

OSV•added 2019/07/23 2:15 p.m.•6 views

CVE-2019-9817

5.3CVSS8.7AI score

Exploits0References4

Prion•added 2019/07/23 2:15 p.m.•20 views

Spoofing

5CVSS6.1AI score0.00825EPSS

Exploits0References4Affected Software3

Cvelist•added 2019/07/23 1:24 p.m.•17 views

CVE-2019-9817

5.5AI score0.00825EPSS

Exploits0References4

CVE•added 2019/07/23 1:24 p.m.•289 views

CVE-2019-9817

CVE-2019-9817 describes cross-origin image access via canvas that can leak image data across domains. Publicly reported impact affects Mozilla products including Thunderbird and Firefox (non-ESR and ESR lines) prior to version thresholds: Thunderbird <60.7, Firefox <67, ESR

5.3CVSS5.4AI score0.00825EPSS

Exploits0References4Affected Software3