UBUNTU-CVE-2015-4497

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

CVE-2015-4497

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

Here's Top 10 Popular Programming Languages used on GitHub

Open Source is the Future of the computer science world! On Wednesday, the popular coding website GitHub shared a graph that gives a closer look at the popularity of different programming languages used on its code sharing website that lets anyone edit, store, and collaborate on software code...

Microsoft Internet Explorer COrphanedStyleSheetArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

Microsoft Internet Explorer COrphanedStyleSheetArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

chromium-browser: SOP bypass with CSS in unspecified

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related t...

Google Chrome Blink Security Bypass Vulnerability (CNVD-2015-04885)

Blink is the United States Google Google Inc. and Norway Opens Opera Software company jointly developed a set of browser layout engine rendering engine. A security vulnerability exists in Blink used in versions of Google Chrome prior to 44.0.2403.89, which stems from the program failing to set th...

CVE-2015-1287

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related t...

Google Chrome Multiple Vulnerabilities-01 (Jul 2015) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVE-2015-1287

CVE-2015-1287 affects Blink (Chrome’s rendering engine) prior to Chrome 44.0.2403.89, where a quirks-mode exception allows CSS text/css to bypass content-type checks, enabling a remote attacker to bypass the Same-Origin Policy via a crafted site. The root cause is linked to CSSStyleSheetResource....

CVE-2015-1287

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related t...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 43 security fixes in this release, including: 446032 High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. 459215 High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. 461858 High CVE-2015-1274: Settings allowed executable fil...

Python Network Recon Framework: ivre

IVRE Instrument de veille sur les réseaux extérieurs or DRUNK Dynamic Recon of UNKnown networks is a network recon framework, including two modules for passive recon one p0f -based and one Bro -based and one module for active recon mostly Nmap -based, with a bit of ZMap . External programs /...

iOS latest vulnerability can be achieved“as real”iCloud password fishing-vulnerability warning-the black bar safety net

! Recently a security researcher has released an exploit code. This code suggests that the attacker can be through enough to fake spurious fishing, easily stolen using the latest version of iOS iCloud password. The vulnerability principle This proof-of-concept attacks using the iOS default email...

Update to Firefox 31.7.0esr (important)

update to Firefox 31.7.0esr bnc930622 MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards MFSA 2015-47/VE-2015-0797 bmo1080995 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA 2015-48/CVE-2015-2710 bmo1149542 Buffer overflow with SVG content and CSS MFSA...

thunderbird: multiple issues

CVE-2015-2708 Memory safety bugs fixed in Firefox ESR 31.7 and Firefox 38: Jesse Ruderman, Mats Palmgren, Byron Campen, and Steve Fink reported memory safety problems and crashes that affect Firefox ESR 31.6 and Firefox 37. - CVE-2015-2709 Memory safety bugs fixed in Firefox 38: Gary Kwong,...

WordPress CSS Plus Plugin <= 1.3.1 - Unspecified Vulnerabilities

This plugin is prone to unspecified vulnerabilities. Solution Update the plugin...

WordPress Crayon Syntax Highlighter Plugin <= 2.6.10 - Defacement

Because of this vulnerability, attackers can craft the user provided parameters in such a way that it becomes possible to overwrite base themes with arbitrary CSS. Solution Update plugin...

CVE-2015-2713

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a document containing crafted text in...