411 matches found
Design/Logic Flaw
PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...
CVE-2017-5677
PEAR HTMLAJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression...
PT-2017-10385 · Html5Lib +1
Name of the Vulnerable Software and Affected Versions: html5lib versions prior to 0.99999999. Description: The issue concerns the mishandling of the character in attribute values by the serializer in html5lib, potentially allowing remote attackers to conduct cross-site scripting (XSS) attacks...
PT-2017-10386 · Html5Lib +1
Name of the Vulnerable Software and Affected Versions: html5lib versions prior to 0.99999999. Description: The issue concerns the serializer in html5lib, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. This is due to the mishandling of special characters in attribut...
Google Chrome Blink Serializer::doSerialize Bad Cast
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the ninth entry in that series, and the first to not target a Microsoft browser. The below information is available in more detail on my blog at...
Metasploit config.action_dispatch.cookies_serializer deserialization vulnerability
Metasploit is an open source security vulnerability detection tool that helps security and IT professionals identify security issues, validate mitigations for vulnerabilities, and manage expert-driven security for assessments that provide true security risk intelligence. A deserialization...
chromium-browser: type confusion in blink
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly ha...
CVE-2016-5161
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly ha...
Choronzon - An Evolutionary Knowledge-Based Fuzzer
An evolutionary knowledge-based fuzzer. Introduction: This document aims to explain in brief the theory behind Choronzon. Moreover, it provides details about its internals and how one can extend Choronzon to meet new requirements. An overview of the architecture of Choronzon was initially presente...
UBUNTU-CVE-2016-5161
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly ha...
USN-2860-1 oxide-qt vulnerabilities
A race condition was discovered in the MutationObserver implementation in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the...
CVE-2015-6790
Removed by vendor...
UBUNTU-CVE-2015-6790
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as...
Google Chrome HTML Injection Vulnerability
Google Chrome is a web browser developed by the American company Google. A security vulnerability exists in the page serializer of Google Chrome versions prior to 47.0.2526.73, which stems from the program's failure to properly handle Mark of the Web (MOTW) annotations for URLs containing th...
CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
Design/Logic Flaw
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
CVE-2015-6784
Removed by vendor...
CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...
UBUNTU-CVE-2015-6784
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring...