Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frame vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0465
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote malicious user to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 4.0
1 EDB exploit
NA
CVE-2015-6311
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allow remote malicious users to cause a denial of service (device outage) by sending malformed 802.11i management data to a managed access point, aka Bug ID CSCub65236.
Cisco Wireless Lan Controller 7.0\\(240.0\\)
Cisco Wireless Lan Controller 7.4\\(1.19\\)
Cisco Wireless Lan Controller 7.3\\(101.0\\)
NA
CVE-2008-2949
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote malicious users to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydow...
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
1 EDB exploit
NA
CVE-2008-2948
Cross-domain vulnerability in Microsoft Internet Explorer 7 and 8 allows remote malicious users to change the location property of a frame via the Object data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydow...
Microsoft Internet Explorer 8
Microsoft Internet Explorer 7
1 EDB exploit
NA
CVE-2015-0599
The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other a...
Cisco Unified Computing System -
1 Github repository
NA
CVE-2005-4365
Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 allow remote malicious users to inject arbitrary web script or HTML via the (1) name parameter in text.php and (2) frame parameter in forum.php.
Flip Flip 0.9.0.1029
2 EDB exploits
9.8
CVSSv3
CVE-2022-24049
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Sonos One Speaker before 3.4.1 (S2 systems) and 11.2.13 build 57923290 (S1 systems). Authentication is not required to exploit this vulnerability. The specific flaw exists with...
Sonos S1
Sonos S2
NA
CVE-2008-0240
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
1 EDB exploit
NA
CVE-2013-1738
Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox prior to 24.0, Thunderbird prior to 24.0, and SeaMonkey prior to 2.21 allows remote malicious users to execute arbitrary code by leveraging incorrect garbage collection in situations involvi...
Mozilla Seamonkey 2.14
Mozilla Seamonkey 2.13
Mozilla Seamonkey 2.12
Mozilla Seamonkey 2.11
Mozilla Seamonkey 2.10
Mozilla Seamonkey 2.1
Mozilla Seamonkey 2.0.4
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.20
Mozilla Seamonkey 2.10.1
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 2.0.7
Mozilla Seamonkey 2.0.12
Mozilla Seamonkey 2.0.11
Mozilla Seamonkey 2.19
Mozilla Seamonkey 2.17
Mozilla Seamonkey 2.16
Mozilla Seamonkey 2.15
Mozilla Seamonkey 2.13.2
Mozilla Seamonkey 2.13.1
Mozilla Seamonkey 2.12.1
NA
CVE-2012-0446
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x up to and including 9.0, Thunderbird 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 allow remote malicious users to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension,...
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 7.0
Mozilla Firefox 6.0
Mozilla Firefox 6.0.1
Mozilla Firefox 9.0
Mozilla Thunderbird 7.0
Mozilla Thunderbird 8.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 9.0
Mozilla Seamonkey 2.6.1
Mozilla Seamonkey 2.6
Mozilla Seamonkey 2.5
Mozilla Seamonkey 2.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »