103 matches found
Medium: yelp
Issue Overview: A sandbox escape vulnerability was found in yelp, the GNOME help viewer. Bypassing the fix for CVE-2025-3155, a malicious help document can use a CSS stylesheet embedded in an SVG image to exfiltrate the contents of local files such as files under /proc to an external server witho...
EUVD-2010-1401
Malware in sbrugna...
EUVD-2009-0939
Malware in sbrugna...
EUVD-2008-0073
Malware in sbrugna...
EUVD-2017-11544
Malware in sbrugna...
EUVD-2007-0645
Malware in sbrugna...
EUVD-2005-1340
Malware in sbrugna...
EUVD-2009-2798
Malware in sbrugna...
EUVD-2009-0940
Malware in sbrugna...
OESA-2025-1608 yelp security update
Yelp is the help viewer in GNOME. It natively views Mallard, DocBook, man, info, and HTML documents. It can locate documents according to the freedesktop.org help system specification. Security Fixes: A flaw was found in Yelp. The Gnome user help application allows the help document to execute...
OESA-2025-1607 yelp security update
Yelp is the help viewer in GNOME. It natively views Mallard, DocBook, man, info, and HTML documents. It can locate documents according to the freedesktop.org help system specification. Security Fixes: A flaw was found in Yelp. The Gnome user help application allows the help document to execute...
OESA-2025-1606 yelp security update
Yelp is the help viewer in GNOME. It natively views Mallard, DocBook, man, info, and HTML documents. It can locate documents according to the freedesktop.org help system specification. Security Fixes: A flaw was found in Yelp. The Gnome user help application allows the help document to execute...
CVE-2010-1373
Cross-site scripting XSS vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted help: URL, related to "URL parameters in HTML content."...
The vulnerability of the Help Viewer component in the macOS Big Sur operating system allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the Help Viewer component in the macOS Big Sur operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary JavaScript code...
SUSE CVE-2006-1491
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer...
SUSE CVE-2006-3548
Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a 1 javascript URI or an external 2 http, 3 https, or 4 ftp URI in the url parameter in services/go.php a...
Apple macOS Big Sur 输入验证错误漏洞
Apple macOS Big Sur is a mobile application app from Apple USA Inc. Apple macOS Big Sur Help Viewer suffers from an input validation error vulnerability that originates from a maliciously created URL that could lead to the execution of JavaScript.The following products and versions are...
CHM Help Files Deliver Brazilian Banking Trojan
Security researchers are warning of a new spam campaign targeting Brazilian institutions that contain Compiled HTML file attachments that are used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...
CVE-2017-13819
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML...
Apple Mac OS X Multiple Vulnerabilities-02 (Apr 2017)
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...