109 matches found

CVE
added 2020/10/16 4:50 p.m. | 47 views

CVE-2020-15258

CVE-2020-15258 affects Wire prior to 3.20.x, where the app used shell.openExternal without validating the URL. This could let an attacker craft messages with links using arbitrary protocols, potentially enabling code execution on a victim’s machine after user interaction. The root cause is openin...

CVSS: 8 | AI score: 7.8 | EPSS: 0.01998
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2020/10/16 4:50 p.m. | 16 views

CVE-2020-15258 Insecure use of shell.openExternal in Wire

In Wire before 3.20.x, shell.openExternal was used without checking the URL. This vulnerability allows an attacker to execute code on the victim's machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL that is opened. The...

CVSS: 8 | AI score: 7.8 | EPSS: 0.01998
Exploits: 1 | References: 3

Veracode
added 2020/08/28 2:13 a.m. | 22 views

Man-in-the-Middle (MitM)

openshift-ansible is vulnerable to Man-in-the-Middle (MitM). CORS allowed origin allows changing URL protocol...

CVSS: 5.9 | AI score: 4.4 | EPSS: 0.00854
Exploits: 0 | References: 5 | Affected Software: 4

OSV
added 2020/08/24 6:15 p.m. | 2 views

CVE-2020-7705

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...

CVSS: 8.1 | AI score: 7.3
Exploits: 0 | References: 3

Hacker One
added 2019/08/29 9:32 a.m. | 47 views

GitLab: Stored XSS for Grafana dashboard URL

Hi GitLab Security Team Summary I found a stored XSS vulnerability in the admins page. The administrator can set up a Grafana dashboard. Here, the administrator can either enter a relative URL or an absolute address. However, when adding an absolute URL, the protocol is not checked allowing to ad...

AI score: 0.1
Exploits: 0

Zero Day Initiative
added 2019/04/15 12:0 a.m. | 43 views

Microsoft Office Protocol Handler Directory Traversal File Creation Vulnerability

This vulnerability allows remote attackers to create files in arbitrary locations on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS: 4.2 | AI score: 2.3 | EPSS: 0.18515
Exploits: 0 | References: 1

Prion
added 2018/06/11 9:29 p.m. | 15 views

Open redirect

If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with...

CVSS: 5 | AI score: 7.5 | EPSS: 0.02465
Exploits: 1 | References: 5 | Affected Software: 2

Packet Storm
added 2018/06/08 12:0 a.m. | 39 views

ClassLink OneClick Browser Extension / Agent Universal XSS / Remote Code Execution

The ClassLink OneClick Browser Extension and the ClassLink Agent are vulnerable to Universal XSS and Remote Code Execution. Vendor has released software updates to fix both vulnerabilities on 3 June 2018. === Vendor === ClassLink: https://www.classlink.com === Vulnerability 1: Universal XSS throu...

AI score: 0.4
Exploits: 0

UbuntuCve
added 2018/05/11 12:0 a.m. | 23 views

CVE-2018-5181

If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process is to open it with...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.02465
Exploits: 1 | References: 3

NVD
added 2015/01/09 6:59 p.m. | 28 views

CVE-2014-9272

The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol...

CVSS: 4.3 | AI score: 5.2 | EPSS: 0.01995
Exploits: 0 | References: 6

UbuntuCve
added 2015/01/09 6:59 p.m. | 24 views

CVE-2014-9272

The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.01995
Exploits: 0 | References: 3

Prion
added 2015/01/09 6:59 p.m. | 21 views

Cross site scripting

The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.01995
Exploits: 0 | References: 6 | Affected Software: 2

seebug.org
added 2014/07/01 12:0 a.m. | 17 views

Mbedthis AppWeb 2.2.2 URL Protocol Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24454/info Mbedthis AppWeb is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. This...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 23 views

AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 'aim://' Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2118/info AOL Instant Messenger (AIM) is a real-time messaging service for users that are online. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim://...

AI score: 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 35 views

AOL Instant Messenger 4.0/4.1.2010/4.2.1193 BuddyIcon Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2122/info AOL Instant Messenger (AIM) is a real-time messaging service for users that are online. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim://...

AI score: 7.1
Exploits: 0

securityvulns
added 2014/06/09 12:0 a.m. | 68 views

[SECURITY] [DSA 2939-1] chromium-browser security update

Debian Security Advisory DSA-2939-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 31, 2014 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 0.8 | EPSS: 0.01954
Exploits: 0

OSV
added 2014/05/31 12:0 a.m. | 32 views

DSA-2939-1 chromium-browser - security update

Bulletin has no description...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.01954
Exploits: 1

ThreatPost
added 2012/10/19 6:18 p.m. | 13 views

Steam Gaming Platform Vulnerable to Remote Exploits; 50 Million at Risk

More than 50 million users of the Steam gaming and media distribution platform are at risk for remote compromise because of weaknesses in the platform’s URL protocol handler, a pair of researchers at ReVuln wrote in a paper released this week. Luigi Auriemma and Donato Ferrante discovered a numbe...

AI score: 2.3
Exploits: 0 | References: 2

exploitpack
added 2012/02/16 12:0 a.m. | 14 views

Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow

Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow Luigi Auriemma Application: Novell GroupWise Messenger client http://www.novell.com/products/groupwise/ Versions: = 2.1.0 Platforms: Windows, Linux, NetWare Bug: unicode stack overflow Exploitation: remote, versus server Date: 16 Fe...

AI score: 0.5
Exploits: 0

Japan Vulnerability Notes
added 2011/08/10 12:0 a.m. | 37 views

JVN#80404511: Windows URL Protocol Handler may insecurely load executable files

Windows URL Protocol Handler loads a specified executable for each protocol. Windows URL Protocol Handler contains an issue with the file search path, which may insecurely load executable files. Impact: An attacker may execute arbitrary code with the privilege of the running application. Solution...

CVSS: 9.3 | AI score: 6.8 | EPSS: 0.3434
Exploits: 5