Lucene search
K

123 matches found

Mageia
Mageia
added 2022/02/09 8:46 p.m.28 views

Updated epiphany packages fix security vulnerability

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list CVE-2021-45085. XSS can occur in GNOME Web aka Epiphany before 40.4 a...

6.1CVSS6.4AI score0.01485EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/01/13 12:0 a.m.28 views

Debian DSA-5042-1 : epiphany-browser - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5042 advisory. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS...

6.1CVSS6.1AI score0.01485EPSS
Exploits4References11
Veracode
Veracode
added 2021/12/21 1:33 p.m.26 views

Cross-site Scripting (XSS)

epiphany is vulnerable to cross-site scripting. The vulnerability exists when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS1AI score0.01485EPSS
Exploits1References5Affected Software3
OSV
OSV
added 2021/12/16 3:15 a.m.2 views

DEBIAN-CVE-2021-45087

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS5.9AI score0.01485EPSS
Exploits1References1
Prion
Prion
added 2021/12/16 3:15 a.m.20 views

Cross site scripting

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

4.3CVSS6AI score0.01485EPSS
Exploits1References4Affected Software2
UbuntuCve
UbuntuCve
added 2021/12/16 3:15 a.m.24 views

CVE-2021-45087

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS6.3AI score0.01485EPSS
Exploits1References3
OSV
OSV
added 2021/12/16 3:15 a.m.2 views

UBUNTU-CVE-2021-45087

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS5.8AI score0.01485EPSS
Exploits1References4
CVE
CVE
added 2021/12/16 2:19 a.m.110 views

CVE-2021-45087

CVE-2021-45087 affects GNOME Web (Epiphany). The vulnerability arises when using View Source mode or Reader mode, allowing an XSS payload via the page title. Affected component is Epiphany/GNOME Web; root cause is improper handling in those modes leading to script execution. Impact is XSS under t...

6.1CVSS5.9AI score0.01485EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2021/12/16 2:19 a.m.17 views

CVE-2021-45087

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS6AI score0.01485EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/12/16 12:0 a.m.1 views

PT-2021-24199 · Gnome +3 · Gnome Web +3

Name of the Vulnerable Software and Affected Versions: GNOME Web aka Epiphany versions prior to 40.4 GNOME Web aka Epiphany versions 41.x prior to 41.1 Description: The issue allows XSS to occur when View Source mode or Reader mode is used, as demonstrated by a page title. Recommendations: For...

7.5CVSS6.2AI score0.01952EPSS
Exploits4References35
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.20 views

Mozilla Firefox Security Advisory (MFSA2015-149) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

5CVSS9.5AI score0.06058EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.7 views

The vulnerability of the shared/view_source.php component in the OpenClinic medical record management software allows a hacker to execute arbitrary code.

The vulnerability of the shared/viewsource.php component in the OpenClinic medical record management software is related to authentication errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS7.5AI score0.01065EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/06/16 12:0 a.m.6 views

PT-2021-3440 · Jact · Openclinic

Name of the Vulnerable Software and Affected Versions: Jact OpenClinic version 0.8.20160412 Description: The issue is related to errors in authorization in the shared/view source.php component of the OpenClinic software for managing medical records. An attacker, acting remotely, can exploit this...

9CVSS7.2AI score0.01065EPSS
Exploits1References7
CNNVD
CNNVD
added 2021/06/16 12:0 a.m.5 views

Jact OpenClinic 安全漏洞

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in Jact OpenClinic version 0.8.20160412, which could lead to an RCE vulnerability if an attacker logs in...

7.2CVSS7.1AI score0.01065EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/01/28 12:0 a.m.6 views

The vulnerability in the WebExtensions extension of the Mozilla Firefox browser allows a hacker to gain unauthorized access to protected information.

The vulnerability of the WebExtensions extension in the Mozilla Firefox browser is related to deficiencies in restrictions when using the URL “view-source:” for viewing the local URL “file:”, as well as content stored in “about:cache”. Exploiting this vulnerability can allow an attacker to gain...

7.8CVSS7.4AI score0.01679EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2021/01/07 2:15 p.m.1 views

DEBIAN-CVE-2020-35111

When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...

4.3CVSS6.5AI score0.01172EPSS
Exploits0References1
OSV
OSV
added 2021/01/07 2:15 p.m.19 views

CVE-2020-35111

When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...

4.3CVSS7.9AI score0.01172EPSS
Exploits0References4
Prion
Prion
added 2021/01/07 2:15 p.m.28 views

Design/Logic Flaw

When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...

4.3CVSS5AI score0.01172EPSS
Exploits0References4Affected Software3
AlpineLinux
AlpineLinux
added 2021/01/07 1:50 p.m.42 views

CVE-2020-35111

When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...

4.3CVSS6.1AI score0.01172EPSS
Exploits0
Cvelist
Cvelist
added 2021/01/07 1:50 p.m.16 views

CVE-2020-35111

When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...

5.7AI score0.01172EPSS
Exploits0References4
Rows per page
Query Builder