Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
use any font project use any font vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2010-4199
Google Chrome prior to 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
7.8
CVSSv3
CVE-2010-4040
Google Chrome prior to 7.0.517.41 does not properly handle animated GIF images, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
Opensuse Opensuse
7.5
CVSSv3
CVE-2010-4577
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome prior to 8.0.552.224, Chrome OS prior to 8.0.552.343, webkitgtk prior to 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which...
Webkitgtk Webkitgtk
Google Chrome Os
Google Chrome
Fedoraproject Fedora 13
Debian Debian Linux 7.0
Debian Debian Linux 6.0
6.1
CVSSv3
CVE-2021-24977
The Use Any Font | Custom Font Uploader WordPress plugin prior to 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users. Due to the lack of sanitisation a...
Use Any Font Project Use Any Font
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
155 Github repositories
NA
CVE-2010-0474
Several vulnerabilities have been discovered in WebKit, a Web content engine library for GTK+. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1783 WebKit does not properly handle dynamic modification of a text node, which allows remot...
NA
CVE-2011-0778
Google Chrome prior to 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote malicious users to bypass the Same Origin Policy via unspecified vectors.
Google Chrome
NA
CVE-2011-0482
Google Chrome prior to 8.0.552.237 and Chrome OS prior to 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted HTM...
Google Chrome Os
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
NA
CVE-2010-4578
Google Chrome prior to 8.0.552.224 and Chrome OS prior to 8.0.552.343 do not properly perform cursor handling, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
Google Chrome Os
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
NA
CVE-2010-4492
Use-after-free vulnerability in Google Chrome prior to 8.0.552.215 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations.
Google Chrome
Debian Debian Linux 6.0
Debian Debian Linux 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »