Lucene search
+L

1551 matches found

Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.44 views

Fedora 26 : qt5-qtwebengine (2018-c0d3db441f)

This update updates QtWebEngine to the 5.10.1 bugfix and security release. QtWebEngine 5.10.1 is part of the Qt 5.10.1 release, but only the QtWebEngine component is included in this update. This update includes : - Security fixes from Chromium up to version 64.0.3282.140. Including:...

8.8CVSS6.6AI score0.02479EPSS
Exploits0References30
Mozilla
Mozilla
added 2017/09/28 12:0 a.m.540 views

Security vulnerabilities fixed in Firefox 56 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake addre...

9.8CVSS10AI score0.03641EPSS
Exploits4References19Affected Software1
RedHat Linux
RedHat Linux
added 2017/07/31 2:32 p.m.6 views

chromium-browser: ui spoofing in blink

Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page...

6.5CVSS7.4AI score0.01433EPSS
Exploits0References5
Microsoft KB
Microsoft KB
added 2017/04/25 12:0 a.m.6 views

April 25, 2017—KB4016240 (OS Build 15063.250)

None None...

6.1AI score
Exploits0
seebug.org
seebug.org
added 2017/04/21 12:0 a.m.36 views

Chrome Universal XSS via fullscreen element updates (CVE-2016-5207)

VULNERABILITY DETAILS From /thirdparty/WebKit/Source/core/dom/Fullscreen.cpp: void Fullscreen::didEnterFullscreenForElementElement element ... // FIXME: This should not call updateStyleAndLayoutTree. document-updateStyleAndLayoutTree; ... Indeed. |didEnterFullscreenForElement| may be called in th...

4.3CVSS7.9AI score0.01992EPSS
Exploits1
OSV
OSV
added 2016/12/13 8:18 a.m.11 views

SUSE-SU-2016:3105-1 Security update for MozillaFirefox, mozilla-nss

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5.1 bsc1009026: - CVE-2016-9079: Use-after-free in SVG Animation bsc1012964 MFSA 2016-92 - CVE-2016-5297: Incorrect argument length checking in Javascript...

9.8CVSS8.2AI score0.87598EPSS
Exploits17References22
OSV
OSV
added 2016/10/17 12:0 a.m.3 views

UBUNTU-CVE-2016-5187

Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox URL bar via crafted HTML pages...

6.5CVSS7AI score0.01235EPSS
Exploits0References3
NVD
NVD
added 2016/09/25 8:59 p.m.17 views

CVE-2016-5174

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS6AI score0.00867EPSS
Exploits0References8
OSV
OSV
added 2016/09/25 8:59 p.m.2 views

CVE-2016-5174

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS7AI score0.00867EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2016/09/25 8:59 p.m.13 views

CVE-2016-5174

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS7AI score0.00867EPSS
Exploits0References2
Prion
Prion
added 2016/09/25 8:59 p.m.17 views

Design/Logic Flaw

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

4.3CVSS6.5AI score0.00867EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2016/09/25 8:59 p.m.3 views

UBUNTU-CVE-2016-5174

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS7AI score0.00867EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/09/16 7:27 a.m.7 views

chromium-browser: popup not correctly suppressed

browser/ui/cocoa/browserwindowcontrollerprivate.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service unsuppressed popup via a crafted web site...

6.5CVSS7.4AI score0.00867EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/09/14 12:0 a.m.46 views

Google Chrome < 53.0.2785.113 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 53.0.2785.113. It is, therefore, affected by multiple vulnerabilities as referenced in the 201609stable-channel-update-for-desktop13 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113...

8.8CVSS8.2AI score0.0186EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.39 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss (SUSE-SU-2016:1691-1)

MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss and mozilla-nspr were updated to fix nine security issues. Mozilla Firefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1. These security issues were fixed : - CVE-2016-2834: Memory safety bugs in NSS MFSA...

9.3CVSS7.2AI score0.23957EPSS
Exploits7References32
OSV
OSV
added 2016/07/14 9:29 a.m.11 views

SUSE-SU-2016:1799-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss

MozillaFirefox, MozillaFirefox-branding-SLE and mozilla-nss were updated to fix nine security issues. MozillaFirefox was updated to version 45.2.0 ESR. mozilla-nss was updated to version 3.21.1. These security issues were fixed: - CVE-2016-2834: Memory safety bugs in NSS MFSA 2016-61 bsc983639. -...

9.3CVSS8.5AI score0.23957EPSS
Exploits7References21
Tenable Nessus
Tenable Nessus
added 2016/06/14 12:0 a.m.262 views

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-704)

This update to Mozilla Firefox 47 fixes the following issues boo983549 : Security fixes : - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free...

9.3CVSS7.3AI score0.23957EPSS
Exploits7References28
NVD
NVD
added 2016/06/13 10:59 a.m.17 views

CVE-2016-2831

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service UI outage, or conduct clickjacking or spoofing attacks, via a crafted web site...

8.8CVSS8.2AI score0.01347EPSS
Exploits0References11
OSV
OSV
added 2016/06/13 10:59 a.m.4 views

DEBIAN-CVE-2016-2831

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service UI outage, or conduct clickjacking or spoofing attacks, via a crafted web site...

8.8CVSS8.2AI score0.01347EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/06/11 10:7 p.m.50 views

Security update for MozillaFirefox, mozilla-nss (important)

This update to Mozilla Firefox 47 fixes the following issues boo983549: Security fixes: - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free deletin...

9.3CVSS0.5AI score0.23957EPSS
Exploits7References15
Rows per page
Query Builder