Page 63 of 521 results (0.007 seconds)

CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 0

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior. La función nsLocation::CheckURL en Mozilla Firefox anteriores a v16.0.2, Firefox ESR 10.x anteriores a v10.0.10, Thunderbird anteriores a v16.0.2, Thunderbird ESR v10.x anteriores a v10.0.10, y SeaMonkey anteriores a v2.13.2 no determina de forma adecuada el documento que llama y principal en su valor de retorno, lo que facilita a atacantes remotos a conducir ataques de ejecución de secuencias de comandos en sitios cruzados (XSS)a través de un sitio Web manipulado y facilita a atacantes remotos a ejecutar código Javascript aprovechando ciertos comportamiento de complementos. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00025.html http://rhn.redhat.com/errata/RHSA-2012-1407.html http://rhn.redhat.com/errata/RHSA-2012-1413.html http://secunia.com/advisories/51121 http://secunia.com/advisories/51123 http://secunia.com/advisories/51127 http://secunia.com/advisories/51144 http://secunia.com/advisories/51146 http://secunia.com/advisories/51147 http://secunia.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.0EPSS: 0%CPEs: 15EXPL: 0

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=135109152819176&w=2 http://rhn.redhat.com/errata/RHSA-2013-0219.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 https://access.redhat.com •

CVSS: 3.5EPSS: 0%CPEs: 14EXPL: 0

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server Full Text Search. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.ubuntu.com/usn/USN-1621-1 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •

CVSS: 9.0EPSS: 0%CPEs: 37EXPL: 0

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Information Schema. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://secunia.com/advisories/56509 http://secunia.com/advisories/56513 http://security.gentoo.org/glsa/glsa-201308-06.xml http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http:/&# •

CVSS: 4.0EPSS: 0%CPEs: 14EXPL: 0

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.65 y anteriores, y v5.5.27 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server Optimizer. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.ubuntu.com/usn/USN-1621-1 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •