5743 matches found

Prion
added 2015/08/29 7:59 p.m. | 34 views

Design/Logic Flaw

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

CVSS 10 | AI score 8 | EPSS 0.08007
Exploits 0 | References 13 | Affected Software 2

Cvelist
added 2015/08/29 7:00 p.m. | 22 views

CVE-2015-4497

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

AI score 8.3 | EPSS 0.08007
Exploits 0 | References 13

CVE
added 2015/08/29 7:00 p.m. | 255 views

CVE-2015-4497

CVE-2015-4497 affects Mozilla Firefox (and Iceweasel) prior to Firefox 40.0.3 and Firefox ESR prior to 38.2.1, due to a use-after-free in CanvasRenderingContext2D when a canvas is resized during restyling. This can allow a remote attacker to execute arbitrary code. Remediation: upgrade to Firefox...

CVSS 10 | AI score 8.1 | EPSS 0.08007
Exploits 0 | References 13 | Affected Software 1

RedHat Linux
added 2015/08/27 9:18 p.m. | 3 views

Mozilla: Use-after-free when resizing canvas element during restyling (MFSA 2015-94)

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

CVSS 10 | AI score 7.8 | EPSS 0.08007
Exploits 0 | References 5

OSV
added 2015/08/27 12:00 a.m. | 0 views

UBUNTU-CVE-2015-4497

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

CVSS 10 | AI score 7.7 | EPSS 0.08007
Exploits 0 | References 4

UbuntuCve
added 2015/08/27 12:00 a.m. | 30 views

CVE-2015-4497

Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...

CVSS 10 | AI score 7.5 | EPSS 0.08007
Exploits 0 | References 3

The Hacker News
added 2015/08/21 4:41 a.m. | 17 views

Here's Top 10 Popular Programming Languages used on GitHub

Open Source is the Future of the computer science world! On Wednesday, the popular coding website GitHub shared a graph that gives a closer look at the popularity of different programming languages used on its code sharing website that lets anyone edit, store, and collaborate on software code...

AI score 7.2
Exploits 0

Zero Day Initiative
added 2015/08/11 12:00 a.m. | 32 views

Microsoft Internet Explorer COrphanedStyleSheetArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

CVSS 6.8 | AI score 6.5 | EPSS 0.18071
Exploits 0 | References 1

Zero Day Initiative
added 2015/08/11 12:00 a.m. | 29 views

Microsoft Internet Explorer COrphanedStyleSheetArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

CVSS 6.8 | AI score 6.5 | EPSS 0.18071
Exploits 0 | References 1

Fedora
added 2015/07/29 1:46 a.m. | 37 views

[SECURITY] Fedora 22 Update: roundcubemail-1.1.2-1.fc22

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVSS 7.5 | AI score 0.2 | EPSS 0.03767
Exploits 0

RedHat Linux
added 2015/07/27 9:08 a.m. | 3 views

chromium-browser: SOP bypass with CSS in unspecified

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related t...

CVSS 4.3 | AI score 7.5 | EPSS 0.01466
Exploits 0 | References 5

CNVD
added 2015/07/24 12:00 a.m. | 3 views

Google Chrome Blink Security Bypass Vulnerability (CNVD-2015-04885)

Blink is a browser layout (rendering) engine jointly developed by Google Inc. of the United States and Opera Software of Norway. A security vulnerability exists in Blink as used in versions of Google Chrome prior to 44.0.2403.89, which stems from the program failing to set th...

CVSS 4.3 | AI score 8.9 | EPSS 0.01466
Exploits 0 | References 1

NVD
added 2015/07/23 12:59 a.m. | 19 views

CVE-2015-1287

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related t...

CVSS 4.3 | AI score 9 | EPSS 0.01466
Exploits 0 | References 9

CVE
added 2015/07/23 12:00 a.m. | 83 views

CVE-2015-1287

CVE-2015-1287 affects Blink (Chrome’s rendering engine) prior to Chrome 44.0.2403.89, where a quirks-mode exception allows CSS text/css to bypass content-type checks, enabling a remote attacker to bypass the Same-Origin Policy via a crafted site. The root cause is linked to CSSStyleSheetResource....

CVSS 4.3 | AI score 8.7 | EPSS 0.01466
Exploits 0 | References 9 | Affected Software 1

OpenVAS
added 2015/07/23 12:00 a.m. | 46 views

Google Chrome Multiple Vulnerabilities-01 (Jul 2015) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVSS 9.8 | AI score 8.6 | EPSS 0.19069
Exploits 2 | References 3

UbuntuCve
added 2015/07/22 12:00 a.m. | 30 views

CVE-2015-1287

Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related t...

CVSS 4.3 | AI score 7.2 | EPSS 0.01466
Exploits 0 | References 3

FreeBSD
added 2015/07/21 12:00 a.m. | 49 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 43 security fixes in this release, including: 446032 High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. 459215 High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. 461858 High CVE-2015-1274: Settings allowed executable fil...

CVSS 9.8 | AI score 8.5 | EPSS 0.19069
Exploits 2 | References 1

n0where
added 2015/07/14 5:41 p.m. | 46 views

Python Network Recon Framework: ivre

IVRE (Instrument de veille sur les réseaux extérieurs) or DRUNK (Dynamic Recon of UNKnown networks) is a network recon framework, including two modules for passive recon (one p0f-based and one Bro-based) and one module for active recon (mostly Nmap-based, with a bit of ZMap). External programs /...

AI score 0.1
Exploits 0 | References 2

myhack58
added 2015/06/12 12:00 a.m. | 15 views

Latest iOS vulnerability enables "lifelike" iCloud password phishing - vulnerability warning - the black bar safety net

Recently a security researcher released exploit code. The code suggests that an attacker can, through sufficiently convincing phishing, easily steal the iCloud password of users on the latest version of iOS. The vulnerability principle: this proof-of-concept attack uses the iOS default email...

AI score 6.8
Exploits 0

OPENSUSE Linux
added 2015/05/18 1:04 p.m. | 42 views

Update to Firefox 31.7.0esr (important)

update to Firefox 31.7.0esr bnc930622 MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards MFSA 2015-47/VE-2015-0797 bmo1080995 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA 2015-48/CVE-2015-2710 bmo1149542 Buffer overflow with SVG content and CSS MFSA...

CVSS 10 | AI score 3.9 | EPSS 0.67135
Exploits 3 | References 2