271 matches found
CVE-2017-16690
CVE-2017-16690 describes a DLL preloading vulnerability in SAP Plant Connectivity (NwSapSetup/SAPSetup) where DLLs (e.g., DWMAPI.dll) may be loaded from the executable’s folder rather than system folders. Root cause: the loader uses the local folder before system directories, enabling code execut...
Input validation
An untrusted search path aka DLL Preload vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working director...
CVE-2017-12313
CVE-2017-12313 affects Cisco Network Academy Packet Tracer. The issue is an untrusted search path (DLL Preload) vulnerability caused by insufficient input validation of DLL paths/filenames before loading. A local, authenticated user with administrative privileges could place a crafted DLL in a ta...
CVE-2017-12313
An untrusted search path aka DLL Preload vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working director...
glibc: heap/stack gap jumping via unbounded stack allocations
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...
Paragon Initiative Enterprises: Non-secure requests are not automatically upgraded to HTTPS
Non-secure requests to bridge.cspr.ng e.g. http://bridge.cspr.ng/ are not automatically upgraded to HTTPS. This is not something you would notice when you use the latest version of modern web browsers such as Google Chrome or Firefox, because bridge.cspr.ng is HSTS preloaded. When a domain is...
glibc: heap/stack gap jumping via unbounded stack allocations
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...
glibc: heap/stack gap jumping via unbounded stack allocations
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...
PT-2017-3348
Name of the Vulnerable Software and Affected Versions Embedthis GoAhead versions prior to 3.6.5 Description The issue is related to the initialization of the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function. This can be abused for remote code...
CVE-2017-5233
Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer...
The vulnerability of Google Chrome browser allows a perpetrator to bypass the protective mechanisms of CSP.
The vulnerability in the WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp file of the Google Chrome browser’s Blink component relates to the lack of checks for links within an HTML document during its loading. Exploiting this vulnerability allows a malicious actor to circumvent the Content...
SSL/TLS: `preload` Missing in HSTS Header
The remote web server is missing the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.105878";...
Google Chrome CSP Protection Mechanism Bypass Vulnerability
Google Chrome is a web browsing tool developed by Google. Google Chrome versions prior to 52.0.2743.82, Blink/WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp does not take into account the referrer-policy information of the HTML document during the preload request, which could allow a remot...
chromium-browser: content-security-policy bypass
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy CSP protection mechanis...
CVE-2016-5135
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy CSP protection mechanis...
CVE-2016-5135
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy CSP protection mechanis...
Design/Logic Flaw
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy CSP protection mechanis...
CVE-2016-5135
Summary of CVE-2016-5135: In Blink’s HTMLPreloadScanner.cpp, the preload path did not take into account the referrer-policy within an HTML document, enabling a CSP bypass via a crafted site that uses a CSP header like Content-Security-Policy: referrer origin-when-cross-origin to override a meta r...
CVE-2016-5135
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy CSP protection mechanis...
UBUNTU-CVE-2016-5135
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy CSP protection mechanis...