7378 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...
CVE-2016-5164
Removed by vendor...
CVE-2016-5165
CVE-2016-5165 is a Cross-site Scripting vulnerability in Google Chrome’s DevTools (DevTools subsystem) allowing remote attackers to inject arbitrary web script or HTML via the settings parameter of a chrome-devtools-frontend.appspot.com URL query string. Affected: Google Chrome on Windows, macOS ...
BigTree-CMS 4.2.x < 4.2.9 Multiple Vulnerabilities
Binary data 9556.prm...
Debian Security Advisory DSA 3660-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5147 A cross-site scripting issue was discovered. CVE-2016-5148 Another cross-site scripting issue was discovered. CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling. CVE-2016-5150 ...
DSA-3660-1 chromium-browser - security update
Bulletin has no description...
CVE-2016-5164
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...
CVE-2016-5165
Cross-site scripting XSS vulnerability in the Developer Tools aka DevTools subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a...
CVE-2016-5164
Cross-site scripting XSS vulnerability in WebKit/Source/platform/v8inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools aka...
JVN#67266823: Cybozu Garoon vulnerable to open redirect
Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an open redirect vulnerability in the "Scheduler" function. Impact When accessing a specially crafted URL, a user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack...
JVN#09836883: Geeklog IVYWE edition contains a cross-site scripting vulnerability
Geeklog is an open source content management system CMS. Geeklog IVYWE edition contains a cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the Patch Apply the appropriate patch according to the information provided by...
JVN#58455472: OSSEC Web UI vulnerable to cross-site scripting
OSSEC Web UI is a web interface for use with Open Source HIDS Security OSSEC. OSSEC Web UI contains a cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the...
chromium: multiple issues
CVE-2016-5139 arbitrary code execution Multiple integer overflows in the opjtcdinittile function in tcd.c in OpenJPEG, as used in PDFium, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have other unspecified impact via crafted JPEG 2000 data. -...
Debian DSA-3645-1 : chromium-browser - security update
Several vulnerabilites have been discovered in the chromium web browser. - CVE-2016-5139 GiWan Go discovered a use-after-free issue in the pdfium library. - CVE-2016-5140 Ke Liu discovered a use-after-free issue in the pdfium library. - CVE-2016-5141 Sergey Glazunov discovered a URL spoofing issu...
[SECURITY] [DSA 3645-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3645-1 [email protected] https://www.debian.org/security/ Michael Gilbert August 09, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3645-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3645-1 [email protected] https://www.debian.org/security/ Michael Gilbert August 09, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3645-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5139 GiWan Go discovered a use-after-free issue in the pdfium library. CVE-2016-5140 Ke Liu discovered a use-after-free issue in the pdfium library. CVE-2016-5141 Sergey Glazunov discovered a URL spoofing issue...
DSA-3645-1 chromium-browser - security update
Bulletin has no description...
CVE-2016-5143
The Developer Tools aka DevTools subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different...
Path traversal
The Developer Tools aka DevTools subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different...