
132 matches found

ATTACKERKB
added 2024/10/09 12:0 a.m. · 33 views

CVE-2024-9680

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1, Thunderbird...

9.8 CVSS · 6.8 AI score · 0.32568 EPSS
In wild · Exploits 2 · References 5

Tenable Nessus
added 2024/10/09 12:0 a.m. · 24 views

Mozilla Firefox ESR < 128.3.1

The version of Firefox ESR installed on the remote Windows host is prior to 128.3.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation...

9.8 CVSS · 9.3 AI score · 0.32568 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. · 22 views

Mozilla Firefox < 131.0.2

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 131.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation...

9.8 CVSS · 9.3 AI score · 0.32568 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. · 21 views

Mozilla Firefox < 131.0.2

The version of Firefox installed on the remote Windows host is prior to 131.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. ...

9.8 CVSS · 9.3 AI score · 0.32568 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. · 16 views

Mozilla Firefox ESR < 128.3.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 128.3.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animati...

9.8 CVSS · 9.3 AI score · 0.32568 EPSS
Exploits 1 · References 2

Tenable Nessus
added 2024/10/09 12:0 a.m. · 14 views

Mozilla Firefox ESR < 115.16.1

The version of Firefox ESR installed on the remote Windows host is prior to 115.16.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation...

9.8 CVSS · 9.3 AI score · 0.32568 EPSS
Exploits 1 · References 2

Positive Technologies
added 2024/07/18 12:0 a.m. · 5 views

PT-2024-37102 · WordPress · Timeline Event History Plugin

Name of the Vulnerable Software and Affected Versions: Timeline Event History plugin for WordPress versions up to, and including, 3.1 Description: The issue allows authenticated attackers with Contributor-level access and above to inject a PHP Object via deserialization of untrusted input...

8.8 CVSS · 6.9 AI score · 0.00718 EPSS
Exploits 0 · References 7

OpenVAS
added 2024/06/07 12:0 a.m. · 20 views

Fedora: Security Advisory for qt6-qtquicktimeline (FEDORA-2024-bfb8617ba3)

The remote host is missing an update for the...

9.8 CVSS · 10 AI score · 0.0097 EPSS
Exploits 0 · References 2

Fedora
added 2024/05/29 3:37 a.m. · 19 views

[SECURITY] Fedora 40 Update: qt6-qtquicktimeline-6.7.1-1.fc40

The Qt Quick Timeline plugin provides QML types to use timelines and keyframes to animate Qt Quick user interfaces...

9.8 CVSS · 6.7 AI score · 0.0097 EPSS
Exploits 0

Openbugbounty
added 2024/05/21 4:29 a.m. · 13 views

achigan.net Cross Site Scripting vulnerability OBB-3929230

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0

Openbugbounty
added 2024/03/24 8:4 p.m. · 9 views

aptawa.org Cross Site Scripting vulnerability OBB-3884772

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0

OSV
added 2024/03/06 11:15 a.m. · 24 views

BIT-GITLAB-2022-2527

An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2, which allowed an authenticated attacker to inject arbitrary content. A victim...

8 CVSS · 7.3 AI score · 0.00846 EPSS
Exploits 0 · References 4

Tenable Nessus
added 2024/01/03 12:0 a.m. · 26 views

GitLab 14.9 < 15.1.6 / 15.2 < 15.2.4 / 15.3 < 15.3.2 (CVE-2022-2527)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue in Incident Timelines has been discovered in GitLab CE/EE affecting all versions starting from 14.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15...

8 CVSS · 7.8 AI score · 0.00846 EPSS
Exploits 0 · References 4

The Hacker News
added 2023/08/03 12:47 p.m. · 18 views

A Penetration Testing Buyer's Guide for IT Security Teams

The frequency and complexity of cyber threats are constantly evolving. At the same time, organizations are now collecting sensitive data that, if compromised, could result in severe financial and reputational damage. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit ...

7.1 AI score
Exploits 0

Mageia
added 2023/07/26 10:7 p.m. · 74 views

Updated microcode packages fix security vulnerability

Under specific microarchitectural circumstances, a register in "Zen 2" CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information CVE-2023-20593, also know...

5.5 CVSS · 7.3 AI score · 0.05794 EPSS
Exploits 1 · References 2

Openbugbounty
added 2023/07/26 8:53 a.m. · 6 views

www2.ub.gu.se Cross Site Scripting vulnerability OBB-3551622

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits 0

Openbugbounty
added 2023/05/15 11:41 p.m. · 8 views

watanabechem.co.jp Cross Site Scripting vulnerability OBB-3341164

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits 0

Qualys Blog
added 2023/03/30 5:3 p.m. · 17 views

Risk Fact #3: Initial Access Brokers Attack What Organizations Ignore

Qualys Blog Series – Threat Research Unit Report “Divide and Conquer” is an emerging and winning strategy for cyber criminals who split responsibilities to improve execution of the attack process. Some threat actors specialize in the back end, which often is ransomware deployed at scale. The fron...

7.2 AI score
Exploits 0

The Coalfire Blog
added 2023/03/20 6:24 p.m. · 11 views

Everything you need to know about HITRUST v11

HITRUST v11 is finally here. In this blog post, Coalfire HITRUST experts provide guidance to address the key details surrounding the transition timelines and what organizations can expect with the latest version...

7 AI score
Exploits 0

GoogleProjectZero
added 2023/03/16 12:0 a.m. · 127 views

Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems

Posted by Tim Willis, Project Zero In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities CVE-2023-24033, CVE-2023-26496, CVE-2023-26497 and CVE-2023-26498 allowed...

9.8 CVSS · 9.4 AI score · 0.34305 EPSS
Exploits 0