5743 matches found
JVN#00324715: Electron may insecurely load Node modules
Electron is a software framework for developing cross-platformm desktop applications with web technologies, such as HTML, CSS, JavaScript with Chromium and Node.js. Electron is used in applications such as Atom editor, Microsoft Visual Studio Code, etc.. Electron contains a flaw where the search...
Microsoft Edge keyframes Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Internet Explore...
Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2016-01665)
Internet Explorer is a web browser from Microsoft. Internet Explorer versions 7 through 11 suffer from a memory corruption vulnerability in the implementation of the CAttrArray object via malformed CSS token sequences and modification of HTML elements. An attacker can exploit this vulnerability t...
Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2016-01599)
Microsoft Internet Explorer IE is a Web browser developed by Microsoft and is the default browser that comes with the Windows operating system.CAttrArray object is one of the CAttrArray objects. A security vulnerability exists in the implementation of the CAttrArray object in Microsoft Internet...
Type confusion
The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service type confusion and memory corruption via a malformed Cascading Style Sheets CSS token sequence in conjunction with modifications to HTML...
CVE-2015-6184
The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service type confusion and memory corruption via a malformed Cascading Style Sheets CSS token sequence in conjunction with modifications to HTML...
CVE-2015-6184
The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service type confusion and memory corruption via a malformed Cascading Style Sheets CSS token sequence in conjunction with modifications to HTML...
CVE-2015-6184
Microsoft Internet Explorer 7–11 is affected by a memory corruption/type-confusion vulnerability in the CAttrArray object implementation that can be triggered by a malformed CSS token sequence and HTML element modifications, enabling remote code execution or denial of service. Connected sources (...
Google Chrome Blink Memory Misreference Vulnerability (CNVD-2016-01514)
Blink is the United States Google Google Inc. and Norway Opens Opera Software company jointly developed a set of browser layout engine rendering engine. The 'StyleResolver:: StyleResolver:: appendCSSStyleSheet' function in WebKit/Source/core/css/resolver/StyleResolver.cpp of Blink used in version...
chromium-browser: use-after-free in Blink
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...
CVE-2016-1634
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...
CVE-2016-1634
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...
CVE-2016-1634
CVE-2016-1634 is a use-after-free in Blink’s StyleResolver::appendCSSStyleSheet (WebKit/Blink) used by Google Chrome prior to 49.0.2623.75. The vulnerability allows a remote attacker to cause a denial of service (DoS) or potentially other impact via a crafted page triggering CSS style invalidatio...
CVE-2016-1634
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...
CVE-2016-1634
Removed by vendor...
CVE-2016-1634
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...
UBUNTU-CVE-2016-1634
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...
With the Edge of the user's attention! WinRT PDF the presence of vulnerabilities or hacking-vulnerability warning-the black bar safety net
Use the Edge browser users to pay attention to the browser before the date is considered to exist a certain security risk, may be exploited by hackers jeopardize computer security. IBM X-Force Advanced research team of security experts Mark Vincent Yason said, Win10 in the WinRT PDF the presence...
Microsoft Internet Explorer CFontFace Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
Cross-Site Scripting in TYPO3 component CSS styled content
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-007/...