5251 matches found
Geutebrück IP Cameras
CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Geutebrück Equipment: IP Cameras Vulnerabilities: Authentication Bypass and Improper Neutralization of Special Elements AFFECTED PRODUCTS The following Geutebrück G-Cam IP camera version is affected: G-Cam/EFD-2250...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to $sanitize in sanitizer being unable to traverse the HTML because one or more of the elements in the HTML have been "clobbered". This could be a sign that the payload contains code attempting to cause a DoS...
CVE-2017-5016
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page...
UBUNTU-CVE-2017-5396
A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...
XML Signature Wrapping Attack
pyxmlsecurity is vulnerable to XML signature wrapping attacks. A flaw in the verify function allows attackers to modify the message by injecting forged elements which do not invalidate the XML Signature...
Mozilla Thunderbird Security Advisories (MFSA2016-96, MFSA2016-96) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Mozilla: Use-after-free while manipulating DOM events and audio elements (MFSA 2016-94, MFSA 2016-95)
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
Verizon Webmail client stored XSS vulnerability-vulnerability warning-the black bar safety net
Write in front of words Before that, I had specialized to write a technical article to explain in detail through Verizon Webmial client of server-side vulnerabilities article transfer gate button. But I recently went in this client found some very interesting vulnerabilities, these vulnerabilitie...
Mozilla: Use-after-free while manipulating DOM events and audio elements (MFSA 2016-94, MFSA 2016-95)
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
CVE-2016-9899
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
CVE-2016-9895
Event handlers on "marquee" elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
CVE-2016-9899
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
UBUNTU-CVE-2016-9899
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...
Multiple Cross-Site Scripting Vulnerabilities in Wordpress Plugin tiny-bootstrap-elements-light
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Multiple cross-site scripting vulnerabilities exist in the Wordpress plugin tiny-bootstrap-elements-light. The program fails to filter user-supplied input, allowing...
CVE-2016-5160
The AllowCrossRendererResourceLoad function in extensions/browser/urlrequestutil.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json webaccessibleresources field for restrictions on IFRAME elements, which...
Fedora 23 : webkitgtk4 (2016-d957ffbac1)
This update addresses the following vulnerabilities : - CVE-2016-4622, CVE-2016-4624, CVE-2016-4591, CVE-2016-4590 Additional fixes : - Fix performance in accelerated compositing mode with the modesetting intel driver and DRI3 enabled. - Reduce the amount of file descriptors that the Web Process...
Android on Nexus Buffer Overflow Vulnerability
Android on Nexus 7 is an open source Linux-based operating system for the Nexus 7 Tablet PC developed by Google and the Open Handheld Alliance OHA, and the Qualcomm Wi-Fi driver is a Qualcomm-developed Wi-Fi driver component used in it. Qualcomm Wi-Fi driver is one of the components used in the...
UBUNTU-CVE-2016-5264
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG element that is mishandled duri...
LastPass Patches Ormandy Remote Compromise Flaw
LastPass has patched a vulnerability in its Firefox add-on found by Google Project Zero researcher Tavis Ormandy that allows attackers complete remote compromise of the password manager, . The divisive Ormandy submitted a bug report on Tuesday to LastPass after a series of tweets hinting at serio...
Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations)
The Apache OpenOffice Project reports: An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in Apache OpenOffice Impress. The defect may cause the document to appear as corrupted a...