Vulnerabilities > Uzbl
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-19 | CVE-2012-0843 | Information Exposure vulnerability in multiple products uzbl: Information disclosure via world-readable cookies storage file | 2.1 |
2010-08-19 | CVE-2010-2809 | Code Injection vulnerability in Uzbl 2009.12.22/2010.01.04 The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document. | 6.8 |
2010-02-25 | CVE-2010-0011 | Permissions, Privileges, and Access Controls vulnerability in Uzbl The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code. | 7.5 |