5743 matches found
KLA10504 Multiple vulnerabilities in Cisco products
Multiple serious vulnerabilities have been found in Cisco products. Below is a complete list of vulnerabilities 1. Improper serial port restrictions in Cisco Virtual TelePresence Server Software can be exploited locally via a specially designed OS commands; 2. An unknown vulnerability in Cisco CS...
Mozilla Firefox < 36.0 Multiple Vulnerabilities
Binary data 8653.prm...
SA-CONTRIB-2015-075 - Perfecto - Open Redirect
The Perfecto module allows themers accurately calibrate the CSS by floating compositions over the page. The module doesn't sufficiently check user supplied URLs in parameters used for page redirection. An attacker could trick users to visit malicious sites without realizing it. CVE identifiers...
Microsoft Internet Explorer BuildAnimation Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability lies in Internet...
Design/Logic Flaw
The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...
Google Chrome CSS Token Sequence Denial of Service Vulnerability
Google Chrome is a popular WEB browser. The 'RenderCounter::updateCounter' function in the core/rendering/RenderCounter.cpp file in Blink used by Google Chrome has a security vulnerability due to the program's failure to Because the program fails to enforce relayout operations and fails to proper...
CVE-2015-1228
CVE-2015-1228 affects Google Chrome (Blink) before 41.0.2272.76. The vulnerability is caused by RenderCounter::updateCounter not forcing a relayout and not initializing memory for a data structure, which can be triggered by a crafted CSS token sequence. The result is a denial of service (applicat...
CVE-2015-1228
Removed by vendor...
CVE-2015-1228
The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...
UBUNTU-CVE-2015-1228
The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service...
WordPress Plugin WonderPlugin Audio Player Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WonderPlugin Audio Player is one of the audio player plugin. WordPress WonderPlugin Audio Player plugin 2.0 and...
KLA10463 Multiple vulnerabilities in Google Chrome
Multiple critical vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or inject arbitrary code. Below is a complete list of vulnerabilities 1. Name conflict can be exploited remotely via a...
FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)
The Mozilla Project reports : MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...
PNMsoft Sequence Kinetics Information Disclosure Vulnerability
PNMsoft Sequence Kinetics is a suite of intelligent workflow applications from PNMsoft that can organize modeling, design, and execution.Form Controls CSS is one of the control form CSS files. A security vulnerability exists in the Form Controls CSS file in PNMsoft Sequence Kinetics 7.5 and earli...
Out-of-bounds
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...
CVE-2015-0826
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...
CVE-2015-0826
CVE-2015-0826 accuracy: The vulnerability affects Mozilla Firefox before 36.0, where nsTransformedTextRun::SetCapitalization can be triggered by a crafted CSS token sequence during restyle or reflow. The underlying issue is an out-of-bounds read of heap memory, enabling remote code execution or a...
CVE-2015-0826
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...
UBUNTU-CVE-2015-0826
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...
Buffer overflow during CSS restyling — Mozilla
Security researcher Atte Kettunen used the Address Sanitizer tool to discover an out-of-bounds read during the application of restyling and reflowing changes of web content using CSS. This results in a potentially exploitable crash...