Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frame vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-7066
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote malicious users to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted fr...
Microsoft Internet Explorer 6.0
1 EDB exploit
NA
CVE-2000-0028
Internet Explorer 5.0 and 5.01 allows remote malicious users to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
Microsoft Ie 4.0
Microsoft Internet Explorer 3.0.2
Microsoft Internet Explorer 3.0
Microsoft Internet Explorer 3.1
Microsoft Internet Explorer 3.2
Microsoft Internet Explorer 4.0
Microsoft Internet Explorer 4.0.1
Microsoft Internet Explorer 4.1
Microsoft Internet Explorer 4.5
Microsoft Internet Explorer 5.1
Microsoft Internet Explorer 5.0
1 EDB exploit
NA
CVE-2013-5523
The Sponsor Portal in Cisco Identity Services Engine (ISE) 1.2 and previous versions does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related t...
Cisco Identity Services Engine Software 1.0
Cisco Identity Services Engine Software
Cisco Identity Services Engine Software 1.1
6.5
CVSSv3
CVE-2017-2365
An issue exists in certain Apple products. iOS prior to 10.2.1 is affected. Safari prior to 10.0.3 is affected. tvOS prior to 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote malicious users to bypass the Same Origin Policy and obtain sens...
Apple Iphone Os
Apple Safari
Apple Tvos
Webkitgtk Webkitgtk\\+
1 EDB exploit
7.4
CVSSv3
CVE-2018-0235
A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability ...
Cisco Wireless Lan Controller Software 8.6\\(1.106\\)
Cisco Wireless Lan Controller Software 8.6\\(1.114\\)
NA
CVE-2002-1187
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 up to and including 6.0 allows remote malicious users to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scrip...
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 6.0
1 EDB exploit
8.6
CVSSv3
CVE-2020-3527
A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote malicious user to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo f...
Cisco Ios Xe
NA
CVE-2021-1285
Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper handling of error conditio...
6.1
CVSSv3
CVE-2018-0326
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an unauthenticated, remote malicious user to conduct a cross-frame scripting (XFS) attack against a user of the web UI of the affected software. The vulnerability is due to insufficient protections fo...
Cisco Telepresence Tx9000 Firmware 10.0\\(2.98000.99\\)
NA
CVE-2013-1695
Mozilla Firefox prior to 22.0 does not properly implement certain DocShell inheritance behavior for the sandbox attribute of an IFRAME element, which allows remote malicious users to bypass intended access restrictions via a FRAME element within an IFRAME element.
Mozilla Firefox 20.0
Mozilla Firefox 20.0.1
Mozilla Firefox
Mozilla Firefox 19.0.1
Mozilla Firefox 19.0.2
Mozilla Firefox 19.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »