Cross-Site Scripting

Overview Affected versions of jqtree are vulnerable to cross-site scripting in the drag and drop functionality for modifying tree data. When a user attempts to drag a node to a different position in the hierarchy, script content existing within the node will be executed. Recommendation Update to...

The vulnerability of Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The use of this after release in core/dom/Node.cpp in Blink for Google Chrome allows malicious actors operating remotely to trigger service failures or otherwise affect the system by exploiting inconsistencies in the rendering tree...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-tree-2.6.24 Debian GNU/Linux operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

Multiple vulnerabilities exist in the kernel-tree-2.6.8 operating system of the Debian GNU/Linux distribution. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The Linux-tree-2.6.18 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The Linux-tree-2.6.26 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

A vulnerability exists in the dissecthiptlv function in the epan/dissectors/packet-hip.c file of the HIP dissector in Wireshark, due to incorrect handling of an empty tree structure. Exploiting this vulnerability allows malicious individuals operating remotely to cause a service failure lockup by...

CVE-2016-4581

fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service NULL pointer dereference and OOPS via a crafted series of mount system calls...

chromium-browser: same origin bypass in dom

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a...

Wireshark Multiple DoS Vulnerabilities -02 (May 2016) - Mac OS X

Wireshark is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

Design/Logic Flaw

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

DEBIAN-CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

UBUNTU-CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

CVE-2016-4006

CVE-2016-4006 affectsWireshark 1.12.x (before 1.12.11) and 2.0.x (before 2.0.3). The vulnerability arises because epan/proto.c does not limit the protocol-tree depth, enabling a remote attacker to crash the application via a crafted packet due to stack memory exhaustion. Affected product details ...

CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

UBUNTU-CVE-2016-3172

SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parentid parameter in an itemedit action...

Tree Fu Tom: Play and Learn - Base64 encoded String, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Tree Fu Tom: Play and Learn published at the 'play' market has multiple vulnerabilities...