Lucene search
K

56 matches found

RedHat Linux
RedHat Linux
added 2019/02/12 2:46 a.m.185 views

Critical: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

9.6CVSS7.2AI score0.12879EPSS
Exploits2References30
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2019/01/29 12:0 a.m.74 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 72 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 72.0.3626.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

9.6CVSS8.8AI score0.12879EPSS
Exploits3Affected Software1
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.41 views

Cross-site Scripting in actionpack

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

4.3CVSS5.5AI score0.02504EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2017/10/24 6:33 p.m.35 views

GHSA-2XJJ-5X6H-8VMF Cross-site Scripting in actionpack

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

4.3CVSS5.1AI score0.02504EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2017/07/27 12:0 a.m.33 views

Fedora 24 : webkitgtk4 (2017-37f68e3534)

This update addresses the following vulnerabilities : - CVE-2017-2538 Additional fixes : - Fix web process deadlock when seeking youtube videos. - Fix blob downloads. - Improve theme rendering performance when using GTK+ = 3.20. - Fix positioning of popup menus in Wayland. - Fix JavaScriptCore...

8.8CVSS7.7AI score0.01827EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/07/10 12:0 a.m.28 views

Fedora 25 : webkitgtk4 (2017-bff1b87765)

This update addresses the following vulnerabilities : - CVE-2017-2538 Additional fixes : - Fix web process deadlock when seeking youtube videos. - Fix blob downloads. - Improve theme rendering performance when using GTK+ = 3.20. - Fix positioning of popup menus in Wayland. - Fix JavaScriptCore...

8.8CVSS7.7AI score0.01827EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

The Google Chrome browser contains a vulnerability related to incorrect checking of the render state during the focus event in the object model of the document DOM implementation of Blink for Google Chrome. Exploiting this vulnerability allows malicious actors to cause service failures or otherwi...

7.5CVSS8AI score0.03252EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/04/26 10:55 a.m.24 views

Type confusion

core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibl...

7.5CVSS7.7AI score0.03252EPSS
Exploits0References15Affected Software1
OpenVAS
OpenVAS
added 2013/11/08 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-2009-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.3AI score0.06493EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/11/01 12:0 a.m.38 views

Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2010-1)

Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the...

10CVSS7.9AI score0.06493EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2013/10/30 12:0 a.m.39 views

Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

10CVSS8.1AI score0.06493EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2013/07/12 12:0 a.m.25 views

Mozilla Thunderbird Multiple Vulnerabilities - Oct 12 (Windows)

The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvulnoct12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - Oct 12 Windows Authors: Arun Kallavi Copyright:...

9.3CVSS0.7AI score0.03464EPSS
Exploits0References5
CVE
CVE
added 2012/10/10 5:0 p.m.71 views

CVE-2012-5354

CVE-2012-5354 is covered by details in connected advisories/plugins. The open-connected sources show that Mozilla Firefox before 16.0, Mozilla Thunderbird before 16.0, and SeaMonkey before 2.13 are vulnerable to a clickjacking-style issue when navigating away from a page that has an active set of...

6.8CVSS9AI score0.01678EPSS
Exploits0References6Affected Software3
UbuntuCve
UbuntuCve
added 2012/03/13 10:55 a.m.45 views

CVE-2012-1099

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

4.3CVSS6AI score0.02504EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2012/03/13 10:0 a.m.77 views

CVE-2012-1099

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

4.3CVSS5.5AI score0.02504EPSS
Exploits0
RubySec
RubySec
added 2012/03/01 12:0 a.m.36 views

CVE-2012-1099 rubygem-actionpack: XSS in the "select" helper

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

4.3CVSS5.3AI score0.02504EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder