CVE-2019-9848

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrar...

Security Bulletin: Multiple Mozilla Firefox vulnerability in IBM SONAS

Summary There is a security vulnerability in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.11 of IBM SONAS Vulnerability Details IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of...

WLAN Input Validation Error Vulnerability in Multiple Qualcomm Products

Qualcomm MDM9206 and others are products of Qualcomm Incorporated.MDM9206 is a central processing unit CPU product.MDM9607 is a central processing unit CPU product.MDM9640 is a central processing unit CPU product.WLAN is one of the wireless LAN components. An input validation error vulnerability...

Mozilla: Use-after-free of ChromeEventHandler by DocShell

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

Use-After-Free

Thunderbird, Firefox and Firefox ESR are vulnerable to use-after-free vulnerability. Remote unauthenticated attacker could potentially crash the application when the chrome event handler is freed while still in use...

Mozilla: Use-after-free of ChromeEventHandler by DocShell

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

Mozilla: Use-after-free of ChromeEventHandler by DocShell

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

Mozilla Firefox and Mozilla Firefox ESR Memory Misreference Vulnerability

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in the chrome event handler in Mozilla Firefox...

UBUNTU-CVE-2019-9820

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

CVE-2019-12241

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php...

CVE-2019-12241

The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php...

Denial Of Service (DoS)

Mozilla Firefox is vulnerable to denial of service DoS attacks. The vulnerability exists in an unknown code of the component Nested Event Handler when manipulating user events in nested loops while opening a document through script resulting an application crash due to poor event handling...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service attacks. A local attacker could cause memory exhaustion resulting in denial of service. The vulnerability exists in the Keyboard Input Event Handler component and exploitable by rapidly generating large keyboard events...

Cross-site Scripting (XSS)

mozilla firefox is vulnerable to cross-site scripting XSS attacks. JavaScript event handler attributes on a tag will execute inside a sandboxed iframe that does not have the allow-scripts flag set...

Google Android Buffer Overflow Vulnerability (CNVD-2019-24145)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. WLAN Host is one of the wireless LAN components. A buffer overflow vulnerability exists in the WLAN HOST component in Android. An attacker can exploit this vulnerability to cause a buff...

Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference

function f1 try var v1 = eventhandler1; catche var v2 = document.createElementNS"http://www.w3.org/2000/svg", “pattern”; v2.addEventListener"1", v1; var v3 = document.createElement“option”; var v4 = document.createElement“select”; v44 = v3;...

CVE-2018-11297

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value eventinfo which is received from FW...

CVE-2018-11297

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value eventinfo which is received from FW...

CVE-2018-14243

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Intel Converged Security Manageability Engine Active Management Technology Buffer Overflow Vulnerability

The Intel Converged Security Manageability Engine is a security management engine for use in CPUs Central Processing Units from Intel Corporation in the U.S. Active Management Technology AMT is one of the active management components. A buffer overflow vulnerability exists in the event handler of...