EUVD-2010-2450

Malware in sbrugna...

CVE-2018-25081

Bitwarden through 2023.2.1 offers password auto-fill within a cross-domain IFRAME element. NOTE: the vendor's position is that there have been important legitimate cross-domain configurations e.g., an apple.com IFRAME element on the icloud.com website and that "Auto-fill on page load" is not...

CVE-2018-25081

Bitwarden through 2023.2.1 offers password auto-fill within a cross-domain IFRAME element. NOTE: the vendor's position is that there have been important legitimate cross-domain configurations e.g., an apple.com IFRAME element on the icloud.com website and that "Auto-fill on page load" is not...

PT-2023-10822 · Bitwarden · Bitwarden

Name of the Vulnerable Software and Affected Versions: Bitwarden versions through 2023.2.1 Description: The issue allows password auto-fill within a cross-domain IFRAME element. The vendor notes that there have been important legitimate cross-domain configurations, such as an apple.com IFRAME...

Mozilla Firefox 安全漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla Firefox prior to version 104,...

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website. The flaw was discovered on July 9 by security researcher Sreer...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 83, which stems from the fact that a cross-domain iframe containing a login form may have been recognized and populated by the login...

CVE-2010-2441

WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...

CVE-2010-2442

Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."...

CVE-2010-2441

WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...

Cross site scripting

Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."...

CVE-2010-2441

WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295...

CVE-2010-2441

Removed by vendor...

CVE-2010-2441

CVE-2010-2441 in WebKit: improper restrictions on focus changes enables reading keystrokes via cross-domain IFRAME gadgets. The issue is addressed by openSUSE/libwebkit updates to WebKit 1.2.7 (examples: openSUSE-SU-2011:0024/0458-1 patches for libwebkit) which list CVE-2010-2441 among fixed bugs...