12 matches found
CVE-2019-11721
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox 68...
CVE-2017-7832
The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for domain spoofing...
CVE-2018-5173
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full,...
openSUSE Security Update : Chromium (openSUSE-2015-595)
Chromium was updated to the 45.0.2454.85 of the stable channel to fix multiple security issues. The following vulnerabilities were fixed : - CVE-2015-1291: Cross-origin bypass in DOM - CVE-2015-1292: Cross-origin bypass in ServiceWorker - CVE-2015-1293: Cross-origin bypass in DOM - CVE-2015-1294:...
[SECURITY] [DSA 3351-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3351-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 03, 2015 https://www.debian.org/security/faq -...
DSA-3351-1 chromium-browser - security update
Bulletin has no description...
Debian Security Advisory DSA 3351-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1291 A cross-origin bypass issue was discovered in DOM. CVE-2015-1292 Mariusz Mlynski discovered a cross-origin bypass issue in ServiceWorker. CVE-2015-1293 Mariusz Mlynski discovered a cross-origin bypass issue in...
chromium: multiple issues
CVE-2015-1291, CVE-2015-1293: Cross-origin bypass in DOM. - CVE-2015-1292: Cross-origin bypass in ServiceWorker. - CVE-2015-1294: Use-after-free in Skia. - CVE-2015-1295: Use-after-free in Printing. - CVE-2015-1296: Character spoofing in omnibox. - CVE-2015-1297: Permission scoping error in...
Debian: Security Advisory (DSA-3351-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 37.0.2062.94 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities : - Blink contains a use-after-free vulnerability in its SVG implementation. By using a specially crafted web page, a remote attacker can cause...
Bugzilla 2.0 < 4.0.12 / 4.2.8 / 4.4.3 / 4.5.3 Character Spoofing
According to its banner, the version of Bugzilla installed on the remote host is after version 2.0 but prior to 4.0.12, 4.1.1 prior to 4.2.8, 4.3.1 prior to 4.4.3, or 4.5.1 prior to 4.5.3. It is, therefore, affected by a character spoofing vulnerability. The vulnerability exists in the bug commen...
CVE-2004-1513
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries...