100 matches found
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CNVD-2019-39014)
Internet Explorer is a web browser from Microsoft. Formerly known as Microsoft Internet Explorer prior to version 6 and Windows Internet Explorer versions 7, 8, 9, 10, 11, or IE for short. A memory corruption vulnerability exists in the Microsoft Internet Explorer scripting engine. The...
CVE-2017-5121
Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase...
UBUNTU-CVE-2017-5122
Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page...
Microsoft Edge Information Disclosure Vulnerability (CNVD-2017-23791)
Microsoft Windows 10 is a set of next-generation cross-platform operating systems released by Microsoft Corporation in the U.S. It is available for PCs and laptops, tablets, and cell phones, among other devices.Microsoft Edge is one of the default browsers that comes with the system. An informati...
DEBIAN-CVE-2017-11164
In PCRE 8.41, the OPKETRMAX feature in the match function in pcreexec.c allows stack exhaustion uncontrolled recursion when processing a crafted regular expression...
UBUNTU-CVE-2017-5040
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page...
DEBIAN-CVE-2017-6004
The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular expression...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.
The vulnerability of the V8 component in Google Chrome browsers arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure through a specially created HTML page...
The vulnerability of Google Chrome browser allows a perpetrator to gain access to protected information.
The vulnerability of the V8 component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information through a specially created HTML page...
pcre: heap buffer over-read in pcre_compile2() (8.37/23)
The pcrecompile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service out-of-bounds read via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by...
The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions.
The vulnerability of the Google V8 browser component in Google Chrome is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent existing access restrictions remotely...
MGASA-2013-0326 Updated thunderbird package fixes security vulnerabilities
Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2013-5590, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602...
CVE-2011-2982
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute...
Mozilla crash from several marquee elements (MFSA 2011-12)
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...
security flaw
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service stack exhaustion and PHP crash via deeply nested arrays, which trigger deep recursion in the variable destruction routines...
security flaw
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service crash and potentially execute arbitrary code via certain vectors...
security flaw
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via...
MS03-008: Flaw in Windows Script Engine (814078)
The remote host is vulnerable to a flaw in the Windows Script Engine, that provides Windows with the ability to execute script code. To exploit this flaw, an attacker would need to lure one user on this host to visit a rogue website or to send a user an HTML email with a malicious code in it. C...
iPlanet Remote File Viewing
Sun iPlanet Web Server Remote File Viewing Vulnerability Vendor: Sun Microsystems Product: iPlanet Web Server 6.0 SP2 iPlanet Web Server 4.1 SP9 Netscape Enterprise Server 3.6 Platforms: Windows 2000 Windows NT Other platforms not tested Category: Information Leak Author: [email protected]...
iis.asp.txt
NtWaK0 Bug / Security / Advisory Saturday, October 21, 2000 IIS 5 and using ..%c0%af../winnt/system32/cmd.exe?/c+type+c: To Read any ASP source Code of the server o Synopsis Based on http://www.wiretrip.net/rfp/p/doc.asp?id=57&iface=2 I done some research and found that that ..%c0%af.. can be use...