SUSE CVE-2026-11155

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11186

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

PT-2026-46683

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data, which is information from a different domain than the one serving the page, by using a crafted...

PT-2026-46713

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across different origins, by usin...

USN-8223-1: Roundcube Webmail vulnerabilities

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. CVE-2019-15237 It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and...

EUVD-2026-9489

Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2010-2264

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages...

Microsoft Internet Explorer 11109 - MSHTML PROPERTYDESC::Handle­Style­Component­Property Out-of-Bounds Read (MS16-104)

Microsoft Internet Explorer 11109 - MSHTML PROPERTYDESC::Handle­Style­Component­Property Out-of-Bounds Read MS16-104 // This Po­C attempts to exploit a memory disclosure bug in Microsoft Internet // Explorer 11. On x64 systems, this should cause an access violation when // run with page-heap...

Mozilla Thunderbird SVG Content and CSS Handling Buffer Overflow Vulnerability

Mozilla Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. A buffer overflow vulnerability exists in Mozilla Thunderbird's handling of SVG content and CSS, which allows remote attackers to exploit the vulnerability by submitting a specially crafted HTML message that c...

Google Chrome < 14.0.835.163 Multiple Vulnerabilities

Binary data 800955.prm...

CVE-2011-2347

Google Chrome before 12.0.742.112 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2011-1294

Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVE-2011-1290

Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets,...

UBUNTU-CVE-2011-1290

Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets,...

CVE-2011-0474

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a...

CVE-2011-0473

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that le...

Microsoft Internet Explorer 7/8 - CSS Handling Cross Domain Information Disclosure

source: https://www.securityfocus.com/bid/42993/info Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to enforce the same-origin policy. An attacker can exploit this issue by enticing an unsuspecting user into viewing a page...

Debian: Security Advisory (DSA-2075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2075-1 (xulrunner)

The remote host is missing an update to xulrunner announced via advisory DSA 2075-1. OpenVAS Vulnerability Test $Id: deb20751.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2075-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Debian DSA-2075-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently...