Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SuseLinux Enterprise Desktop

66 matches found

CVE
CVEadded 2014/02/06 5:44 a.m.68 views

CVE-2014-1488

The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js.

10CVSS9.4AI score0.01089EPSS
CVE
CVEadded 2014/10/15 10:55 p.m.68 views

CVE-2014-6564

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

4CVSS6.1AI score0.00471EPSS
CVE
CVEadded 2014/02/06 5:44 a.m.67 views

CVE-2014-1480

The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.

4.3CVSS8.9AI score0.0052EPSS
CVE
CVEadded 2014/03/19 10:55 a.m.67 views

CVE-2014-1502

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors.

6.8CVSS9.1AI score0.00284EPSS
CVE
CVEadded 2014/03/19 10:55 a.m.65 views

CVE-2014-1498

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ...

5CVSS8.8AI score0.00548EPSS
CVE
CVEadded 2014/07/17 5:10 a.m.65 views

CVE-2014-2484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

6.5CVSS5.1AI score0.00634EPSS
CVE
CVEadded 2014/07/17 5:10 a.m.64 views

CVE-2014-4214

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.

3.3CVSS5.1AI score0.01083EPSS
CVE
CVEadded 2014/03/19 10:55 a.m.63 views

CVE-2014-1500

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

5CVSS9AI score0.02256EPSS
CVE
CVEadded 2014/10/15 3:55 p.m.63 views

CVE-2014-6474

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.

3.5CVSS6.1AI score0.0038EPSS
CVE
CVEadded 2014/03/19 10:55 a.m.59 views

CVE-2014-1504

The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart...

2.6CVSS8.1AI score0.00606EPSS
CVE
CVEadded 2014/02/06 5:44 a.m.57 views

CVE-2014-1485

The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient sty...

7.5CVSS9.4AI score0.00964EPSS
CVE
CVEadded 2014/03/19 10:55 a.m.53 views

CVE-2014-1499

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

4.3CVSS9AI score0.00611EPSS
CVE
CVEadded 2014/03/19 10:55 a.m.53 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

5.8CVSS8.9AI score0.00229EPSS
CVE
CVEadded 2014/06/11 2:55 p.m.53 views

CVE-2014-2977

Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overfl...

10CVSS7.8AI score0.10198EPSS
CVE
CVEadded 2014/02/06 5:44 a.m.52 views

CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

5CVSS8.5AI score0.00632EPSS
CVE
CVEadded 2014/06/11 2:55 p.m.47 views

CVE-2014-2978

The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.

10CVSS7.6AI score0.08617EPSS
Total number of security vulnerabilities66