Cross-site Scripting (XSS)

radiant-markdownfilter-extension is vulnerable to cross-site scripting XSS attacks. The application does not properly escape html elements before rendering them, allowing a malicious user to inject and execute arbitrary Javascript...

Firefox 54.0.1 Denial Of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: =============== www.mozilla.org Product: =============== Firefox v54.0.1 Vulnerability Type:...

Firefox 54.0.1 - Denial of Service

Firefox 54.0.1 - Denial of Service + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: =============== www.mozilla.org Product: =============== Firefox v54.0....

Firefox 54.0.1 - Denial of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: =============== www.mozilla.org Product: =============== Firefox v54.0.1 Vulnerability Type:...

Security feature bypass

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to trick a user into loading a page with malicious content when Microsoft Edge fails to correctly apply Same Origin Policy for HTML elements present in other browser windows, aka "Microso...

CVE-2017-0135

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0140...

CVE-2017-0140

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0066 and CVE-2017-0135...

CVE-2017-0066

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140...

Microsoft Edge Security Bypass Vulnerability (CNVD-2017-03534)

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security bypass vulnerability exists in Microsoft Edge. An attacker can exploit the vulnerability to trick users into loading malicious web pages to manipulate...

Verizon Webmail client stored XSS vulnerability-vulnerability warning-the black bar safety net

Write in front of words Before that, I had specialized to write a technical article to explain in detail through Verizon Webmial client of server-side vulnerabilities article transfer gate button. But I recently went in this client found some very interesting vulnerabilities, these vulnerabilitie...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2016-01599)

Microsoft Internet Explorer IE is a Web browser developed by Microsoft and is the default browser that comes with the Windows operating system.CAttrArray object is one of the CAttrArray objects. A security vulnerability exists in the implementation of the CAttrArray object in Microsoft Internet...

CVE-2015-6184

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service type confusion and memory corruption via a malformed Cascading Style Sheets CSS token sequence in conjunction with modifications to HTML...

Microsoft Internet Explorer Input Range Control Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Microsoft Internet Explorer CDataset RemoveItem Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates t...

Microsoft Internet Explorer CDataset SetItem Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates t...

Debian Security Advisory DSA 3375-1 (wordpress - security update)

Several vulnerabilities have been fixed in Wordpress, the popular blogging engine. CVE-2015-5714 A cross-site scripting vulnerability when processing shortcode tags has been discovered. The issue has been fixed by not allowing unclosed HTML elements in attributes. CVE-2015-5715 A vulnerability ha...

Microsoft Internet Explorer CStyleAttrArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...