Lucene search
K

113 matches found

Veracode
Veracode
added 2020/12/05 6:3 a.m.25 views

Stored Cross Site Scripting

Jenkins is vulnerable to stored cross site scripting. An attacker is able to exploit a stored Cross Site Scripting as the f:expandable TextBox form control interprets its content as HTML when expanded...

5.4CVSS0.5AI score0.01033EPSS
Exploits0References5Affected Software69
RedHat Linux
RedHat Linux
added 2020/01/23 4:30 a.m.5 views

jenkins: Stored XSS vulnerability in expandable textbox form control

In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents typically Job/Configure...

5.4CVSS6AI score0.01033EPSS
Exploits0References4
NVD
NVD
added 2019/06/07 5:29 p.m.28 views

CVE-2018-19452

A use after free in the TextBox field Mouse Enter action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has a different free...

7.8CVSS8.1AI score0.02898EPSS
Exploits1References2
Prion
Prion
added 2019/06/07 5:29 p.m.29 views

Remote code execution

A use after free in the TextBox field Mouse Enter action in IReaderContentProvider can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031. An attacker can leverage this to gain remote code execution. Relative to CVE-2018-19444, this has a different free...

6.8CVSS8AI score0.02898EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2019/06/07 4:49 p.m.68 views

CVE-2018-19452

CVE-2018-19452 and related entries describe a use-after-free vulnerability in Foxit Reader SDK ActiveX (Professional 5.4.0.1031). The issue occurs in the IReader_ContentProvider when a Mouse Enter action triggers a use-after-free on the TextBox field, allowing remote code execution. The Red Hat/N...

7.8CVSS8AI score0.02898EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2019/05/02 5:18 a.m.21 views

Information Disclosure

firefox/thunderbird is vulnerable to authorization bypass. A remote attacker is able to discover a redirect's target URL using malicious Javascript code that executes after a drag-and-drop action of an image into a TEXTBOX element...

4.3CVSS9.1AI score0.02732EPSS
Exploits0References23Affected Software2
OSV
OSV
added 2019/01/24 4:29 a.m.4 views

CVE-2018-17626

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.2AI score0.03918EPSS
Exploits0References2
Prion
Prion
added 2019/01/24 4:29 a.m.20 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.03918EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2019/01/24 4:29 a.m.22 views

CVE-2018-17626

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.8AI score0.03918EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/01/24 4:0 a.m.19 views

CVE-2018-17626

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.4AI score0.03918EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/17 12:0 a.m.2 views

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-23229)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the Validate event of the TextBox object in Foxit Reader 9.2.0.9297 a...

8.8CVSS8.8AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/10/11 12:0 a.m.35 views

Foxit Reader TextBox Validate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.8AI score0.03918EPSS
Exploits0References1
OSV
OSV
added 2018/09/18 9:29 p.m.6 views

CVE-2018-16794

Microsoft ADFS 4.0 Windows Server 2016 and previous Active Directory Federation Services has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls...

8.6CVSS5.8AI score0.08026EPSS
Exploits1References4
NVD
NVD
added 2018/05/17 3:29 p.m.22 views

CVE-2018-9966

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.8AI score0.03226EPSS
Exploits0References2
OSV
OSV
added 2018/05/17 3:29 p.m.2 views

CVE-2018-9966

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.1AI score0.03226EPSS
Exploits0References2
NVD
NVD
added 2018/05/17 3:29 p.m.28 views

CVE-2018-9968

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.8AI score0.03226EPSS
Exploits0References2
Prion
Prion
added 2018/05/17 3:29 p.m.16 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.03226EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2018/05/17 3:29 p.m.15 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.03226EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2018/05/17 3:0 p.m.22 views

CVE-2018-9967

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8AI score0.03226EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/05/17 3:0 p.m.22 views

CVE-2018-9968

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8AI score0.03226EPSS
Exploits0References2
Rows per page
Query Builder