CVE-2013-0918

Removed by vendor...

Google Chrome < 26.0.1410.43 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 26.0.1410.43 and is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'Web Audio' and the extension bookmarks API. CVE-2013-0916, CVE-2013-0920 - An out-of-bounds read...

JVN#80922020: ArtIME Japanese Input vulnerable to information disclosure

ArtIME Japanese Input is a Japanese Input Method Editor IME for Android devices. ArtIME Japanese Input contains an issue in the access permissions for the certain files. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product...

CVE-2013-0074

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka “Silverlight Double Dereference Vulnerability.” Recent...

CVE-2013-0074

CVE-2013-0074 (Microsoft Silverlight) affects Silverlight 5 and the 5 Developer Runtime prior to 5.1.20125.0. The root cause is improper validation of pointers during HTML object rendering, leading to a pointer-dereference memory corruption that can allow remote code execution via a crafted Silve...

CVE-2013-0074

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."...

Android developer said 'F-Secure can say that anything is malware'

As the popularity of Android has boomed, more and more malware is targeting the platform. Digital miscreants are using fraudulent developer accounts on Google's Play marketplace to spread malware. According to latest Mobile Threat report from F-Secure, Android malware continued to gain in share i...

Fake Google Play Accounts Peddling Banking Malware

On the one year anniversary of Google Play comes news that a new botkit is making the rounds that leverages actual verified accounts from that marketplace to trick users into downloading phony banking applications. Brian Krebs, who goes into further detail about the malware in a post on his blog...

Qool CMS v2.0 RC2 Multiple HTML And JavaScript Injection Vulnerabilities

Summary Qool CMS is a content management system that helps web masters be more productive. Qool has been built with both worlds web master, web developer in mind. It is easy to create addons extensions for the system but you can really do without them too. Description Qool CMS suffers from multip...

Question2Answer 1.5.3 CSRF / Brute Force Vulnerability

Exploit for php platform in category web applications These are Brute Force, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities in Question2Answer. This is the first part of vulnerabilities in this web application. ------------------------- Affected products:...

Question2Answer 1.5.3 CSRF / Brute Force

Hello list! These are Brute Force, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities in Question2Answer. This is the first part of vulnerabilities in this web application. ------------------------- Affected products: ------------------------- Vulnerable are all versions ...

dopvSTAR* vulnerable to cross-site scripting

Overview dopvSTAR provided by bayashi.net is a software to analyze web access logs. dopvSTAR contains a cross-site scripting vulnerability. Masahiro YAMADA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

Design/Logic Flaw

The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors...

CVE-2013-0887

The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors...

CVE-2013-0887

The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors...

CVE-2013-0887

Chromium-based: CVE-2013-0887 affects Google Chrome prior to 25.0.1364.97 (Windows/Linux) and prior to 25.0.1364.99 (Mac). The developer-tools process does not properly restrict privileges when interacting with a connected server, but the provided documents do not specify impact, attack vectors, ...

CVE-2013-0887

Removed by vendor...

Chrome 25 Fixes Nine High-Risk Vulnerabilities

Google has fixed nine high-severity vulnerabilities in its Chrome browser, as well as a dozen other flaws with the release of Chrome 25. This release is one of the few for which the company did not pay out much in the way of bug bounties, only giving out $3,500. In Chrome 25 Google also disabled...

Google Chrome < 25.0.1364.97 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 25.0.1364.97. It is, therefore, affected by the following vulnerabilities : - An unspecified memory corruption error exists related to 'web audio node'. CVE-2013-0879 - Use-after-free errors exist related to database...

Google Chrome < 25.0.1364.97 Multiple Vulnerabilities

Binary data 800930.prm...