786 matches found
CVE-2017-5468
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...
UBUNTU-CVE-2017-5468
An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...
KLA11833 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Windows Graphics Component can be...
Debian Security Advisory DSA 3776-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5006 Mariusz Mlynski discovered a cross-site scripting issue. CVE-2017-5007 Mariusz Mlynski discovered another cross-site scripting issue. CVE-2017-5008 Mariusz Mlynski discovered a third cross-site scripting issue...
Mozilla: Insecure communication methods in Developer Tools JSON viewer (MFSA 2017-02)
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities
Binary data 9928.prm...
Mozilla Firefox < 51 Multiple Vulnerabilities
Binary data 9927.prm...
Mozilla Firefox ESR Security Advisories (MFSA2017-01, MFSA2017-02) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla: Insecure communication methods in Developer Tools JSON viewer (MFSA 2017-02)
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
CVE-2017-5390
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
CVE-2017-5390
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
UBUNTU-CVE-2017-5390
The JSON viewer in the Developer Tools uses insecure methods to create a communication channel for copying and viewing JSON or HTTP headers data, allowing for potential privilege escalation. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
Debian DSA-3731-1 : chromium-browser - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2016-5181 A cross-site scripting issue was discovered. - CVE-2016-5182 Giwan Go discovered a heap overflow issue. - CVE-2016-5183 A use-after-free issue was discovered in the pdfium library. - CVE-2016-5184 Another...
CVE-2016-5164
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...
Cross site scripting
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...
CVE-2016-5164
Removed by vendor...
CVE-2016-5165
CVE-2016-5165 is a Cross-site Scripting vulnerability in Google Chrome’s DevTools (DevTools subsystem) allowing remote attackers to inject arbitrary web script or HTML via the settings parameter of a chrome-devtools-frontend.appspot.com URL query string. Affected: Google Chrome on Windows, macOS ...
Debian Security Advisory DSA 3660-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5147 A cross-site scripting issue was discovered. CVE-2016-5148 Another cross-site scripting issue was discovered. CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling. CVE-2016-5150 ...
DSA-3660-1 chromium-browser - security update
Bulletin has no description...
CVE-2016-5164
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...