
146 matches found

Debian CVE
added 2019/06/27 4:13 p.m. | 22 views

CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

CVSS 4.3 | AI score 6.2 | EPSS 0.00785
Exploits: 0

RedHat Linux
added 2019/06/17 7:38 a.m. | 7 views

chromium-browser: Overly permissive tab access in Extensions

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

CVSS 4.3 | AI score 7.3 | EPSS 0.00785
Exploits: 0 | References: 5

RedhatCVE
added 2019/06/07 11:51 a.m. | 16 views

CVE-2019-5838

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...

CVSS 4.3 | AI score 4.2 | EPSS 0.00785
Exploits: 0 | References: 4

OSV
added 2019/06/05 6:29 p.m. | 1 views

DEBIAN-CVE-2019-9187

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs...

CVSS 7.5 | AI score 6.8 | EPSS 0.01699
Exploits: 0 | References: 1

CVE
added 2019/05/29 4:16 p.m. | 272 views

CVE-2019-12449

The CVE-2019-12449 entry affects GNOME gvfs (1.29.4–1.41.2) in the gvfs backend admin code. The issue is that during move (and copy with G_FILE_COPY_ALL_METADATA) from admin:// to file:// URIs, the gvfsbackendadmin.c path mishandles a file’s user and group ownership because root privileges are un...

CVSS 5.7 | AI score 6 | EPSS 0.0184
Exploits: 0 | References: 7 | Affected Software: 1

0day.today
added 2019/05/27 12:0 a.m. | 443 views

Typora 0.9.9.24.6 - Directory Traversal Vulnerability

Exploit Title: Code execution via path traversal Exploit Author: Dhiraj Mishra Vendor Homepage: http://typora.io Software Link: https://typora.io/download/Typora.dmg Version: 0.9.9.24.6 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-12137 References: https://nvd.nist.gov/vuln/detail/CVE-2019-1213...

CVSS 7.8 | AI score 0.4 | EPSS 0.06451
Exploits: 5

Cvelist
added 2019/05/17 10:30 p.m. | 18 views

CVE-2019-12173

MacDown 0.7.1 (870) allows remote code execution via a file:\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138...

AI score 8.2 | EPSS 0.0375
Exploits: 1 | References: 1

CVE
added 2019/05/17 10:30 p.m. | 44 views

CVE-2019-12173

MacDown 0.7.1 is affected by CVE-2019-12173. The Red Hat advisory and OSV records describe a remote code execution path triggered by a file:\ URI with a ".app" pathname in the HREF of an A element, enabling arbitrary code execution if a crafted note is opened. Affected component is the MacDown vi...

CVSS 8.8 | AI score 8 | EPSS 0.0375
Exploits: 1 | References: 1 | Affected Software: 1

Mageia
added 2019/05/12 9:35 a.m. | 49 views

Updated python packages fix security vulnerability

Updated python packages fix security vulnerability: A 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead CVE-2019-9948...

CVSS 9.1 | AI score 1.3 | EPSS 0.11844
Exploits: 1 | References: 2

Prion
added 2019/03/23 6:29 p.m. | 21 views

Design/Logic Flaw

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

CVSS 6.4 | AI score 8.9 | EPSS 0.11844
Exploits: 1 | References: 22 | Affected Software: 11

0day.today
added 2019/01/20 12:0 a.m. | 108 views

Mozilla Firefox 64 Information Disclosure Exploit

Mozilla Firefox versions 64 and below have an issue where an overly liberal same-origin policy for file URIs and a bug in the implementation of this policy make Firefox vulnerable to exposure of local files to a remote attacker. Product: Firefox Manufacturer: Mozilla Affected Versions: <= 64 Teste...

AI score 7.2
Exploits: 0

Veracode
added 2019/01/15 9:24 a.m. | 25 views

Authorization Bypass

Mozilla Firefox and Thunderbird are vulnerable to authorization bypass. The proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file: URI, bypassing configur...

CVSS 6.5 | AI score 6.7 | EPSS 0.03662
Exploits: 4 | References: 17 | Affected Software: 2

Veracode
added 2019/01/15 9:1 a.m. | 22 views

Arbitrary Code Execution

rubygem-openshift-origin-node is vulnerable to arbitrary code execution attacks. The vulnerability exists as Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced...

CVSS 6.5 | AI score 7.3 | EPSS 0.0172
Exploits: 1 | References: 8 | Affected Software: 1

RedHat Linux
added 2018/10/30 5:2 p.m. | 5 views

Mozilla: Proxy bypass using automount and autofs

Firefox proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file: URI, bypassing configured proxy settings. This issue only affects OS X in default...

CVSS 6.5 | AI score 7.3 | EPSS 0.03662
Exploits: 4 | References: 5

OSV
added 2018/09/24 11:29 p.m. | 3 views

CVE-2018-10498

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email. Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...

CVSS 5.5 | AI score 5.4 | EPSS 0.00374
Exploits: 0 | References: 1

NVD
added 2018/09/24 11:29 p.m. | 23 views

CVE-2018-10498

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email. Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...

CVSS 5.5 | AI score 5.5 | EPSS 0.00374
Exploits: 0 | References: 1

NVD
added 2018/09/19 3:29 p.m. | 32 views

CVE-2018-12243

The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths ...

CVSS 8.8 | AI score 9.1 | EPSS 0.00767
Exploits: 0 | References: 2

Prion
added 2018/09/19 3:29 p.m. | 24 views

XXE

The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths ...

CVSS 5.8 | AI score 8.6 | EPSS 0.00767
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2018/09/12 11:2 a.m. | 2 views

Mozilla: Proxy bypass using automount and autofs

Firefox proxy settings can be bypassed by using the automount feature with autofs to create a mount point on the local file system. Content can be loaded from this mounted file system directly using a file: URI, bypassing configured proxy settings. This issue only affects OS X in default...

CVSS 6.5 | AI score 7.3 | EPSS 0.03662
Exploits: 4 | References: 5

CNVD
added 2018/08/31 12:0 a.m. | 3 views

Samsung Email Information Disclosure Vulnerability

Samsung Email is an application from Samsung South Korea for sending, receiving and managing e-mail. An information disclosure vulnerability exists in the handling of file:/// URIs in Samsung Email, which stems from the program failing to properly validate user-submitted data. A local attacker...

CVSS 5.5 | AI score 5.4 | EPSS 0.00374
Exploits: 0 | References: 1