118 matches found
Debian: Security Advisory (DSA-3277-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: novnc security update
An updated novnc package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...
Debian Security Advisory DSA 3039-1 (chromium-browser - security update)
Several vulnerabilities were discovered in the chromium web browser. CVE-2014-3160 Christian Schneider discovered a same origin bypass issue in SVG file resource fetching. CVE-2014-3162 The Google Chrome development team addressed multiple issues with potential security impact for chromium...
Debian DSA-3039-1 : chromium-browser - security update
Several vulnerabilities were discovered in the chromium web browser. - CVE-2014-3160 Christian Schneider discovered a same origin bypass issue in SVG file resource fetching. - CVE-2014-3162 The Google Chrome development team addressed multiple issues with potential security impact for chromium...
Google Chrome Multiple Vulnerabilities - 01 (Aug 2014) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Pushes Chrome 36, Fixes 12 Issues
Google patched its Chrome browser this week, fixing 12 vulnerabilities, including both a serious information disclosure bug and a use-after-free vulnerability that could let users obtain potentially sensitive information and execute arbitrary code. French security researcher Antoine Delignat-Lava...
FreeBSD : chromium -- multiple vulnerabilities (df7754c0-2294-11e4-b505-000c6e25e3e9)
Google Chrome Releases reports : 12 security fixes in this release, including - 390174 High CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne. - 398925 High CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud. - 400950 CVE-2014-3167: Various fixes...
CVE-2014-3165
Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigge...
Design/Logic Flaw
Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigge...
CVE-2014-3165
The CVE-2014-3165 issue affects the Blink WebSockets implementation (WorkerThreadableWebSocketChannel.cpp) in Google Chrome/Chromium prior to 36.0.1985.143 and is a use-after-free vulnerability. It could allow a remote attacker to cause a denial of service or other impact via long object lifetime...
CVE-2014-3165
Removed by vendor...
CVE-2014-3165
Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigge...
Google Chrome < 36.0.1985.143 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 36.0.1985.143. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists in the Web Sockets implementation in Blink which allows remote attackers to cause a denial of service...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 12 security fixes in this release, including 390174 High CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne. 398925 High CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud. 400950 CVE-2014-3167: Various fixes from...
Stable Channel Update
The Stable Channel has been updated to 36.0.1985.143 for Windows, Mac and Linux. This release contains a Flash Player update. Security Fixes and Rewards This update includes 12 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly...
OWASP ZAP 2.3.0.1 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...
Debian DSA-2883-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. - CVE-2013-6654 TheShow3511 discovered an issue in SVG handling. - CVE-2013-6655 cloudfuzzer discovered a use-after-fr...
[SECURITY] [DSA 2883-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2883-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 23, 2014 http://www.debian.org/security/faq -...
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2014-1703
Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/rendererhost/websocketdispatcherhost.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging...