Lucene search
K

15 matches found

Redos
Redos
added 2026/05/15 12:0 a.m.14 views

ROS-20260515-73-0049

A vulnerability in the ChromeDriver component of Google Chrome for Android browser is related to the use of an untrusted cross-domain policy file. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...

6.5CVSS5.8AI score0.00187EPSS
Exploits0
Redos
Redos
added 2025/09/29 12:0 a.m.3 views

ROS-20250929-12

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to with an operation exceeding the memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability in JavaScript Engine...

9.8CVSS7.3AI score0.0053EPSS
Exploits0
Redos
Redos
added 2025/09/22 12:0 a.m.2 views

ROS-20250922-02

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to incorrect code generation control. code generation control. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Vulnerability in Mozilla Firefox, Firefox ESR...

8.8CVSS7.3AI score0.00326EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/09/19 12:0 a.m.2 views

The vulnerability in the Layout component of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to execute arbitrary code.

The vulnerability of the Layout component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

6.5CVSS6.9AI score0.00281EPSS
Exploits0References20Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/08/27 12:0 a.m.1 views

The vulnerability of the Canvas2D component in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows attackers to compromise the integrity of protected information.

The vulnerability of the Canvas2D component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of protected information...

5CVSS7.2AI score0.00231EPSS
Exploits0References25Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/23 12:0 a.m.8 views

The vulnerability of the IBM DevOps Velocity lifecycle management platform (previously known as IBM UrbanCode Velocity) stems from the use of an untrusted inter-domain policy file. This allows attackers to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the IBM DevOps Velocity lifecycle management platform previously known as IBM UrbanCode Velocity is related to the use of an untrusted inter-domain policy file. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information and...

5.3CVSS5.5AI score0.00345EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.7 views

The vulnerability of software for managing and securing environments on IBM Power Systems, IBM PowerSC, arises from the use of an untrusted interdomain policy file. This allows attackers to perform privileged actions and extract confidential information.

The vulnerability of the IBM PowerSC microprocessor architecture is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows attackers to perform privileged actions and extract confidential information...

5.3CVSS7.7AI score0.00456EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.6 views

PT-2023-8059 · Siemens · Totally Integrated Automation Portal +5

Name of the Vulnerable Software and Affected Versions: Opcenter Execution Foundation versions prior to V2407 Opcenter Quality versions prior to V2312 SIMATIC PCS neo versions prior to V4.1 SINEC NMS versions prior to V2.0 SP1 Totally Integrated Automation Portal TIA Portal V14 Totally Integrated...

10CVSS7.1AI score0.0094EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/11/22 12:0 a.m.6 views

The vulnerability of the SIMATIC PCS neo technology process management web system, related to the use of an untrusted inter-domain policy file, allows a perpetrator to execute arbitrary codes.

The vulnerability of the SIMATIC PCS neo technology process management web system is related to the use of an untrusted interdomain policy file. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.3CVSS8AI score0.00618EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/21 12:0 a.m.4 views

The vulnerability in the Firefox web browser, related to the use of an untrusted intermediate policy file, allows a perpetrator to access confidential data.

The vulnerability in the Firefox web browser is related to the use of an untrusted cookie file. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

7.8CVSS6.8AI score0.00767EPSS
Exploits1References10Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/08/16 12:0 a.m.6 views

The vulnerability in the isolated iframe environment of Google Chrome allows a perpetrator to bypass existing security restrictions and gain unauthorized access to protected information.

The vulnerability in the isolated iframe environment of Google Chrome relates to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information through a...

5CVSS5.4AI score0.00538EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/08/07 12:0 a.m.7 views

The vulnerability of Google Chrome’s Intents function on Android allows a hacker to bypass existing security restrictions.

The vulnerability of Google Chrome’s Intents API for Android is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

7.8CVSS6.5AI score0.00459EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/08/02 12:0 a.m.8 views

The vulnerability of the OffscreenCanvas function in Firefox and Firefox ESR browsers allows a hacker to execute arbitrary code.

The vulnerability of the OffscreenCanvas function in Firefox and Firefox ESR browsers is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.7AI score0.00527EPSS
Exploits0References13Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/09/14 12:0 a.m.5 views

The vulnerability of the WPE WebKit web page rendering module, related to the use of an untrusted intermediate policy file, allows a attacker to compromise data integrity.

The vulnerability of the WPE WebKit web page rendering module is related to the use of an untrusted intermediate policy file. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.1CVSS6.5AI score0.01604EPSS
Exploits0References8Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 10:18 p.m.54 views

Security Bulletin: IBM DataPower Gateway has released a fixpack in response to the vulnerability known as Spectre.

Summary IBM has released the following fixpack for IBM DataPower Gateways in response to CVE-2017-5753. Vulnerability Details CVEID: CVE-2017-5753 Affected Products and Versions IBM DataPower Gateways appliances, versions 7.1.0.0-7.1.0.21, 7.2.0.0-7.2.0.18, 7.5.0.0-7.5.0.12, 7.5.1.0-7.5.1.11,...

5.6CVSS1.3AI score0.93838EPSS
Exploits9Affected Software1
Rows per page
Query Builder