CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...

CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

UBUNTU-CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

PT-2025-44770

Name of the Vulnerable Software and Affected Versions Netsurf version 3.11 Description An issue exists in NetSurf version 3.11 where the application reads uninitialized heap memory during the creation of a dom event structure. Recommendations At the moment, there is no information about a newer...

CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

EUVD-2025-37484

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

NetSurf 安全漏洞

NetSurf is a lightweight browser from the NetSurf organization. A security vulnerability exists in NetSurf version v3.11 that originates from reading uninitialized heap memory when creating a domevent structure...

CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

SUSE CVE-2009-1690

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service memory...

CVE-2020-11737

CVE-2020-11737 concerns Zimbra Web Client (9.0) with an XSS vulnerability: an attacker can craft links in email/calendar invites that execute arbitrary JavaScript. The attack requires an A element with an href containing a "www" substring followed immediately by a DOM event listener (e.g., onmous...

CVE-2020-11737

A cross-site scripting XSS vulnerability in Web Client in Zimbra 9.0 allows a remote attacker to craft links in an E-Mail message or calendar invite to execute arbitrary JavaScript. The attack requires an A element containing an href attribute with a "www" substring including the quotes followed...

Debian Security Advisory DSA 2883-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. CVE-2013-6654 TheShow3511 discovered an issue in SVG handling. CVE-2013-6655 cloudfuzzer discovered a use-after-free iss...

Cross-site Scripting (XSS)

Overview angularjs is a Affected versions of this package are vulnerable to Cross-site Scripting XSS. DOM event handlers await events to occur e.g. onclick, onkeypress, etc and execute arbitrary Javascript code in accordance to the event. By default, interpolations inside DOM event handlers are...

Cross-site Scripting (XSS)

Overview AngularJS.Core is a AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Cross-site Scripting XSS. DOM event handlers await events to occur e.g. onclick, onkeypress, etc and execute arbitrary Javascript code in accordance to the...

FreeBSD : opera -- execution of arbitrary code (ea0f45e2-6c4b-11e2-98d9-003067c2616f)

Opera reports : Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

opera -- execution of arbitrary code

Opera reports: Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed...

Debian DSA-1868-1 : kde4libs - several vulnerabilities

Several security issues have been discovered in kde4libs, core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1690 It was discovered that there is a use-after-free flaw in handling certain DOM event handlers...

Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)

Check for the Version of kdelibs4 OpenVAS Vulnerability Test Mandriva Update for kdelibs4 MDVSA-2010:027 kdelibs4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Cross site scripting

Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload...