5255 matches found
CVE-2019-9870
plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements...
CVE-2019-9870
plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements...
Mozilla: Use-after-free when removing in-use DOM elements
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...
CVE-2019-9870
plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements...
CVE-2019-9870
CVE-2019-9870 affects the w8tcha CKEditor oEmbed plugin prior to 2019-03-14. The vulnerability stems from how plugin.js mishandles SCRIPT elements, enabling a NETWORK-exposed issue with LOW attack complexity and no required user interaction. NVD records CVSS v3.0 base score 9.8 (CRITICAL) with HI...
The vulnerability of D-Link DIR-823G router’s microprogramming software arises from the lack of measures taken to neutralize the special elements used in the operating system command set. This allows a hacker to execute arbitrary operating system commands.
The vulnerability of D-Link DIR-823G router microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands...
Automattic: DOM based XSS in the WooCommerce plugin
I have found a stored DOM based XSS in the order page at WooCommerce 3.5.6. The Data input from HTML element name shippingstate and billingstate in order page outputs data without escaping.When the victim read the page containing the payload, it executes the script. Steps to reproduce 1. From a...
Mapping Communication Between Facebook Accounts Using a Browser-Based Side Channel Attack
A now-patched vulnerability in the web version of Facebook Messenger allowed any website to expose who you have been messaging with. In a previous post, I showed how your Facebook likes, location history, and other metadata could have been extracted from your Facebook account using a side-channel...
(Pwn2Own) Samsung Galaxy S8 Shannon Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the handling of Status Information Element...
CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
DEBIAN-CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
Debian DSA-4395-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-17481 A use-after-free issue was discovered in the pdfium library. - CVE-2019-5754 Klzgrad discovered an error in the QUIC networking implementation. - CVE-2019-5755 Jay Bosamiya discovered an implementation erro...
openSUSE Security Update : chromium (openSUSE-2019-204)
This update for Chromium to version 72.0.3626.96 fixes the following issues : Security issues fixed bsc1123641 and bsc1124936 : - CVE-2019-5784: Inappropriate implementation in V8 - CVE-2019-5754: Inappropriate implementation in QUIC Networking. - CVE-2019-5782: Inappropriate implementation in V8...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:0204-1 Rating: important References: 1123641 1124936 Cross-References: CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-57...
chromium-browser: Use after free in HTML select elements
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
Critical: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
DEBIAN-CVE-2018-18500
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird 60.5, Firefox ESR 60.5, and...
The vulnerability of the Cisco Webex Teams collaboration software exists due to the lack of measures taken to neutralize special elements used in the operating system’s command sequence. This allows attackers to execute arbitrary commands.
The vulnerability of the Cisco Webex Teams collaboration software exists because measures are not taken to neutralize the special elements used in the operating system’s command sequence. Exploiting this vulnerability allows an attacker to execute arbitrary commands with privileges of the target...
Input validation
aioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vulnerability in Stanza Parser, rollback during error processing, aioxmpp.xso.model.guard function that can result in Denial of Service, Other. This attack appears to be exploitable via Remote. A crafted stanza...