5743 matches found
neltec.dk Cross Site Scripting vulnerability OBB-1333642
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c
A stack overflow flaw was found in libcroco. A service using libcroco's CSS parser could be crashed by a local, authenticated attacker, or an attacker utilizing social engineering, using a crafted input. The highest threat from this vulnerability is to system availability...
Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2020-1986)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : libcroco (EulerOS-SA-2020-1986)
According to the version of the libcroco package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A stack overflow flaw was found in libcroco. A service using libcroco's CSS parser could be crashed by a local,...
css-avocate.fr Cross Site Scripting vulnerability OBB-1284084
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
dywel.blueadcp.com Cross Site Scripting vulnerability OBB-1281206
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
fiscalit.be Cross Site Scripting vulnerability OBB-1279834
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
[SECURITY] Fedora 32 Update: roundcubemail-1.4.8-1.fc32
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Fedora: Security Advisory for roundcubemail (FEDORA-2020-b1e023936e)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CSS Injection in Chartkick gem
The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets CSS Injection without attribute...
GHSA-3J95-FJV2-3M4P CSS Injection in Chartkick gem
The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets CSS Injection without attribute...
OPENSUSE-SU-2020:1181-1 Security update of chromium
Chromium was updated to 84.0.4147.105 boo1174582: CVE-2020-6537: Type Confusion in V8 CVE-2020-6538: Inappropriate implementation in WebView CVE-2020-6532: Use after free in SCTP CVE-2020-6539: Use after free in CSS CVE-2020-6540: Heap buffer overflow in Skia CVE-2020-6541: Use after free in WebU...
Google Chrome Security Update (stable-channel-update-for-desktop_27-2020-07) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...
CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...
CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...
CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...
CVE-2020-15654
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. Thi...
CVE-2020-15654
CVE-2020-15654 affects Mozilla Firefox and Thunderbird where a site-based CSS-override cursor can overlay the UI, causing a perceived broken state and interfering with dialogs. Affected: Firefox ESR earlier than 78.1, Firefox earlier than 79, and Thunderbird earlier than 78.1. Root cause: an erro...
localprjet.com Cross Site Scripting vulnerability OBB-1255790
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...