9 matches found
EUVD-2013-2250
Malware in sbrugna...
CVE-2013-2304
The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile Black Edition application 2.8.0 and earlier for Android allow remote attackers to load arbitrary Extension APIs, and trigger downloads or obtain sensitive HTTP response-body information, via a crafted web page...
Privilege Escalation
chromium is vulnerable to privilege escalation. The vulnerability exists through the extension APIs allowing an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution. An attacker can inject and execute malicious code through the extension APIs allowing an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page...
SUSE-SU-2020:2100-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR Fixed: Various stability, functionality, and security fixes bsc1174538 CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker CVE-2020-6514: WebRTC data channel...
Design/Logic Flaw
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app...
CVE-2015-3720
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs, which allows attackers to obtain sensitive memory-layout information via a crafted app...
Design/Logic Flaw
The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app...
CVE-2013-2304
The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile Black Edition application 2.8.0 and earlier for Android allow remote attackers to load arbitrary Extension APIs, and trigger downloads or obtain sensitive HTTP response-body information, via a crafted web page...