14 matches found
Command injection
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...
Microsoft Internet Explorer and Edge Information Disclosure Vulnerability
An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer...
gradio arbitrary code injection vulnerability
gradio is an open source framework. gradio is vulnerable to arbitrary code injection. The vulnerability automatically runs these commands and can be exploited by an attacker to run arbitrary commands on a user's computer...
Security vulnerabilities fixed in Thunderbird 60.7.2 — Mozilla
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. Insufficient vetting of parameters passed with the Prompt:Open IPC message between chi...
Microsoft Excel 2013 Service Pack 1 Information Disclosure Vulnerability (KB4461597)
This host is missing an important security update according to Microsoft KB4461597. Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Security Updates for Microsoft Excel Products (February 2019)
The Microsoft Excel Products are missing security updates. They are, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the...
CVE-2017-5428
An integer overflow in "createImageBitmap" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. Thi...
Scripting Engine Information Disclosure Vulnerability
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data. To exploit the vulnerability, an attacker must know the memory address of where the objec...
Microsoft Office 2013 Service Pack 1 Information Disclosure Vulnerability (KB4011277)
This host is missing an important security update according to Microsoft KB4011277. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Internet Explorer Information Disclosure Vulnerability
An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website used to attempt to exploit the...
Oracle Demantra 12.2.1 - Stored XSS Vulnerability
Exploit for windows platform in category web applications. Details: The TaskSender area is vulnerable to a stored cross-site scripting vulnerability. Impact: An attacker could exploit this flaw to get active HTML or script code executed in an authenticated user’s browser. Cross-site Scripting may ...
Mozilla Foundation Security Advisory 2007-32
Title: File input focus stealing vulnerability. Impact: Moderate. Announced: October 18, 2007. Reporter: hong, Charles McAuley. Products: Firefox, SeaMonkey. Fixed in: Firefox 2.0.0.8, SeaMonkey 1.1.5. Description: A user on the Sla.ckers.org forums named hong...
Live for Speed S1/S2/Demo (.mpr replay file) Buffer Overflow Exploit
No description provided by source. 0day Live for speed patch x s2/s1 and demo local .mpr buffer overflow. Credits to n00b for finding the bug and writing the exploit. Lfs is a racing simulator with a huge player database with 100,000+ users. I found a local buffer overflow where I'm able to...
Jaguarsoft JEdit ActiveX information leak
It's possible to retrieve sensitive information about the user's computer...