CVE-2016-5208

Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2016-5207

Removed by vendor...

CVE-2016-5207

CVE-2016-5207 affects Chromium-based browsers (Blink) on Windows/macOS/Linux (Chrome before 55.0.2883.75; Android before 55.0.2883.84). Root cause: DOM tree corruption during removal of a full-screen element, enabling remote code execution via a crafted HTML page. Impact per sources: arbitrary co...

CVE-2016-5208

CVE-2016-5208 is a UXSS cross-site scripting flaw in Blink for Google Chrome prior to 55.0.2883.75 on Linux/Windows and 55.0.2883.84 on Android, allowing remote script/HTML injection via crafted HTML during synchronous event handling. Desktop remediation: upgrade to Chrome 55.0.2883.75+ (and Chro...

CVE-2016-5208

Removed by vendor...

Fedora 25 : kernel (2016-02db2f32fd)

The 4.8.14 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

chromium-browser: universal xss in blink

Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2016-5204

Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2016-5207

In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android, corruption of the DOM tree could occur during the removal of a full screen element, which allowed a remote attacker to achieve arbitrary code execution via a crafted HTML page...

UBUNTU-CVE-2016-5204

Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2016-5207

In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android, corruption of the DOM tree could occur during the removal of a full screen element, which allowed a remote attacker to achieve arbitrary code execution via a crafted HTML page...

CVE-2016-5204

Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities

Binary data 9805.prm...

Microsoft Internet Explorer 11 - MSHTML &#039;CGenerated­Content::Has­Generated­SVGMarker&#039; Type Confusion

window.onload = function document.get­Elements­By­Tag­Name"iframe"0.src = "repro-iframe.html"; Description Internally MSIE uses various lists of linked CTree­Pos objects to represent the DOM tree. For HTML/SVG elements a CTree­Node element is created, which embeds two CTree­Pos instances: one tha...

Gold Christmas Tree - Customized SSL, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Gold Christmas Tree published at the 'play' market has multiple vulnerabilities...

RecuperaBit - A Tool For Forensic File System Reconstruction

A software which attempts to reconstruct file system structures and recover files. Currently it supports only NTFS. RecuperaBit attempts reconstruction of the directory structure regardless of: missing partition table unknown partition boundaries partially-overwritten metadata quick format You ca...

The vulnerability of the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the Linux kernel’s drivers/usb/misc/iowarrior.ko module arises due to a memory leak in the implementation of the omap4keypadprobe function. Exploiting this vulnerability allows an attacker to cause a system failure by connecting an OMAP4 Keypad device, which does not contain...

ir-rescue - A Windows Batch Script To Comprehensively Collect Host Forensic Data

ir-rescue is a lightweight Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility and artifacts that are changed with the execution of the script e.g. , prefetch files. It is intended for incident response use a...

Internet Bug Bounty: Multiple use after frees in obj2ast_* methods

Multiple UAFs in Python AST API. link to bugtracker...

Kingdee OA /stock/cash/tree/get_mail. jsp parameter node injection vulnerability

No description provided by source...