11 matches found
Prototype Pollution
Overview content-security-policy-parser is a Parse Content Security Policy directives. Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can manipulate the Object prototype by supplying a crafted policy name in HTTP queries, potentially...
CVE-2016-3287
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass."...
Security feature bypass
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka "Secure Boot Security Feature Bypass."...
CVE-2016-1916
Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a...
CVE-2016-1916
Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a...
Cross site scripting
Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a...
CVE-2016-1916
Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a...
DEBIAN-CVE-2011-1924
Buffer overflow in the policysummarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service directory authority crash via a crafted policy that triggers creation of a long port list...
Buffer overflow
Buffer overflow in the policysummarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service directory authority crash via a crafted policy that triggers creation of a long port list...
CVE-2011-1924
Buffer overflow in the policysummarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service directory authority crash via a crafted policy that triggers creation of a long port list...
CVE-2011-1924
Buffer overflow in the policysummarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service directory authority crash via a crafted policy that triggers creation of a long port list...