156 matches found
openSUSE Security Update : Chromium (openSUSE-2016-1080)
Chromium was updated to 53.0.2785.101 to fix a number of security issues and bugs. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free...
openSUSE: Security Advisory for Chromium (openSUSE-SU-2016:2296-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-5166
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...
openSUSE Security Update : Chromium (openSUSE-2016-2250)
Chromium was updated to 53.0.2785.89 to fix a number of security issues. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free in Blink....
Security update for Chromium (important)
Chromium was updated to 53.0.2785.89 to fix a number of security issues. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free in Blink....
Google Chrome < 53.0.2785.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 53.0.2785.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 201608stable-channel-update-for-desktop31 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 on...
Google Chrome < 53.0.2785.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 53.0.2785.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 201608stable-channel-update-for-desktop31 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 o...
chromium: multiple issues
CVE-2016-5147 CVE-2016-5148 cross-site scripting Universal XSS in Blink. - CVE-2016-5149 script injection Script injection in extensions. - CVE-2016-5150 arbitrary code execution Use after free in Blink. - CVE-2016-5151 arbitrary code execution Use after free in PDFium. - CVE-2016-5152...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 53 to the stable channel - 53.0.2785.89 for Windows, Mac and 53.0.2785.92 for Linux. This will roll out over the coming days/weeks Note:MSI still points to M52 and will be updated later. Chrome 53.0.2785.89 and 53.0.2785.92 contains...
Microsoft Windows Authenticated User Code Execution
This module uses a valid administrator username and password or password hash to execute an arbitrary payload. This module is similar to the "psexec" utility provided by SysInternals. This module is now able to clean up after itself. The service created by this tool uses a randomly chosen name an...
SAP NetWeaver 7.4 XXE Injection Vulnerability
SAP NetWeaver version 7.4 suffers from an XML external entity injection vulnerability. Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Send: 16.04.2015 Reported: 16.04.2015 Vendor response: 16.04.2015 Date of...
SAP Mobile Platform 2.3 XXE Injection Vulnerability
SAP Mobile Platform version 2.3 suffers from an XML external entity injection vulnerability Application: SAP Mobile Platform 2.3 Versions Affected: SAP Mobile Platform 2.3, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Send: 25.02.2015 Reported: 25.02.2015 Vendor response:...
[ERPSCAN-15-005] SAP Mobile Platform - XXE
ERPSCAN Research Advisory ERPSCAN-15-005 SAP Mobile Platform - XXE Application: SAP Mobile Platform 2.3 Versions Affected: SAP Mobile Platform 2.3, probably others Vendor URL: http://SAP.com Bugs: XML eXternal Entity Sent: 06.11.14 Reported: 06.11.14 Vendor response: 07.11.14 Date of Public...
SAP Mobile Platform 3 - XXE Vulnerability in Add Repository
Application: SAP Mobile Platform 3 Vendor URL: http://www.sap.com Bugs: XML eXternal Entity Reported: 13.03.2015 Vendor response: 13.03.2015 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2159601 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XML External...
Microsoft Windows Authenticated User Code Execution
No description provided by source. $Id: psexec.rb 11204 2010-12-02 17:29:26Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
NetWin dMailWeb Unrestricted Mail Relay
Product: NetWin dMailWeb Type: Unrestricted Mail Relay Severity: Moderate Versions: = 2.6g: Case A All, configuration error: Case B Note: NetWin cwMail also appears vulnerable to the same attacks, and appears to be using exactly the same version numbers. --- Overview dMailWeb is a CGI application...