Vulnerabilities (CVE)

Filtered by vendor Uzbl Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0843 2 Debian, Uzbl 2 Debian Linux, Uzbl 2024-11-21 2.1 LOW 5.5 MEDIUM
uzbl: Information disclosure via world-readable cookies storage file
CVE-2010-2809 1 Uzbl 1 Uzbl 2024-11-21 6.8 MEDIUM N/A
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.
CVE-2010-0011 1 Uzbl 1 Uzbl 2024-11-21 7.5 HIGH N/A
The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code.