Filtered by vendor Uzbl Subscriptions
Filtered by product Uzbl Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-0843 2 Debian, Uzbl 2 Debian Linux, Uzbl 2024-11-21 5.5 Medium
uzbl: Information disclosure via world-readable cookies storage file
CVE-2010-2809 1 Uzbl 1 Uzbl 2024-11-21 N/A
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.
CVE-2010-0011 1 Uzbl 1 Uzbl 2024-11-21 N/A
The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows remote attackers to execute arbitrary commands via JavaScript code.