CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2018/05/24 8:0 p.m.•18 views

CVE-2018-7526

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator URL on the webserver, a malicious user may be able to access information in the application without authenticating...

7.3AI score0.00216EPSS

Cvelist•added 2018/05/24 8:0 p.m.•16 views

CVE-2018-7518

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner...

9.3AI score0.00236EPSS

CVE•added 2018/05/24 8:0 p.m.•52 views

CVE-2018-7526

The CVE-2018-7526 vulnerability affects BeaconMedaes Scroll Medical Air Systems’ TotalAlert Web Application (software versions up to 4107600010.23). It arises from improper access control: a malicious actor can access information in the web application by requesting a specific URL without authent...

7.5CVSS7.2AI score0.00216EPSS

ICS•added 2018/05/24 12:0 a.m.•45 views

BeaconMedaes TotalAlert Scroll Medical Air Systems

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: BeaconMedaes Equipment: TotalAlert Scroll Medical Air Systems web application Vulnerabilities: Improper Access Control, Insufficiently Protected Credentials, Unprotected Storage of Credentials 2...

9.8CVSS9.3AI score0.00247EPSS

Exploits0References5

RedHat Linux•added 2017/05/08 6:45 a.m.•3 views

Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

RedHat Linux•added 2017/04/21 12:49 a.m.•2 views

Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)

Zero Day Initiative•added 2017/04/21 12:0 a.m.•35 views

Foxit Reader scroll Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the scroll method...

6.8CVSS7AI score

RedHat Linux•added 2017/04/20 8:21 a.m.•0 views

Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)

RedhatCVE•added 2017/04/20 6:19 a.m.•28 views

CVE-2017-5441

9.8CVSS1.2AI score0.01915EPSS

Exploits1References2

UbuntuCve•added 2017/04/20 12:0 a.m.•29 views

CVE-2017-5441

9.8CVSS7.2AI score0.01915EPSS

Exploits1References4

OSV•added 2017/04/20 12:0 a.m.•0 views

UBUNTU-CVE-2017-5441

BDU FSTEC•added 2016/07/05 12:0 a.m.•2 views

The vulnerability of Google Chrome’s browser allows a malicious actor to replace the user interface.

Google Chrome browser contains a vulnerability in the ScrollView::paint function located in platform/scroll/ScrollView.cpp. This vulnerability allows malicious actors to remotely replace the user interface by expanding the scroll bar on the parent frame...

5CVSS7.5AI score0.00637EPSS

Exploits0References2Affected Software1

Zero Day Initiative•added 2016/05/10 12:0 a.m.•29 views

Adobe Reader DC ScrollWheelEventHandler Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.9AI score0.02457EPSS

Exploits1References1

Zero Day Initiative•added 2015/07/14 12:0 a.m.•30 views

Adobe Reader ScrollWheelEventHandler Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS6.4AI score0.03656EPSS

Exploits2References1

CNVD•added 2015/02/10 12:0 a.m.•2 views

Drupal GD Infinite Scroll Module Cross-Site Scripting Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.GD Infinite Scroll is one of the automatic paging modules used to automatically load the next page of content when scrolling a web page. A cross-site scripting vulnerability exists in t...

4.3CVSS6AI score0.00296EPSS

CNVD•added 2015/02/10 12:0 a.m.•2 views

Drupal GD Infinite Scroll Module Cross-Site Request Forgery Vulnerability

6.8CVSS7.1AI score0.00126EPSS