
819 matches found

SUSE CVE
added 2023/02/15 5:59 a.m. | 4 views

SUSE CVE-2010-1388

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and before 4.1 on Mac OS X 10.4, does not properly handle clipboard (1) drag and (2) paste operations for URLs, which allows user-assisted remote attackers to read arbitrary files via a crafted HTML document...

CVSS 4.3 | AI score 6.4 | EPSS 0.02741
Exploits 0 | References 4
SUSE CVE
added 2023/02/15 5:47 a.m. | 7 views

SUSE CVE-2012-1944

The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to condu...

CVSS 4.3 | AI score 7.8 | EPSS 0.01851
Exploits 0 | References 7
SUSE CVE
added 2023/02/15 5:22 a.m. | 5 views

SUSE CVE-2015-0803

The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constrain the original data type of a casted value during the setting of a SOURCE element's attributes, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free)...

CVSS 7.5 | AI score 8.8 | EPSS 0.03698
Exploits 0 | References 6
SUSE CVE
added 2023/02/15 5:14 a.m. | 5 views

SUSE CVE-2015-7186

Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved HTML document...

CVSS 4.3 | AI score 6.7 | EPSS 0.01532
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 4:2 a.m. | 2 views

SUSE CVE-2020-6808

When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to...

CVSS 6.5 | AI score 8.2 | EPSS 0.01039
Exploits 0 | References 4
SUSE CVE
added 2023/02/15 3:36 a.m. | 3 views

SUSE CVE-2021-43579

A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file...

CVSS 7.8 | AI score 8.2 | EPSS 0.07349
Exploits 4 | References 6
SUSE CVE
added 2023/02/15 3:27 a.m. | 3 views

SUSE CVE-2022-24191

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow...

CVSS 5.5 | AI score 6.1 | EPSS 0.00727
Exploits 1 | References 4
OSV
added 2023/02/15 12:0 a.m. | 0 views

UBUNTU-CVE-2023-25736

An invalid downcast from nsHTMLDocument to nsIContent could have led to undefined behavior. This vulnerability affects Firefox < 110...

CVSS 9.8 | AI score 7.2 | EPSS 0.00685
Exploits 0 | References 4
0day.today
added 2023/01/30 12:0 a.m. | 238 views

Zstore 6.6.0 Cross Site Scripting Vulnerability

Title: zstore-6.6.0 - XSS-Reflected Development: nu11secur1ty Vendor: https://zippy.com.ua/ Software: https://github.com/leon-mbs/zstore/releases/tag/6.5.4 Reproduce: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.5.4 Description: The value of manual insertion...

AI score 7.4
Exploits 0
OSV
added 2023/01/17 10:1 a.m. | 2 views

SUSE-SU-2023:0094-1 Security update for python36-setuptools

This update for python36-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document (bsc#1206667)...

CVSS 5.9 | AI score 6 | EPSS 0.02617
Exploits 1 | References 3
OSV
added 2023/01/16 10:14 a.m. | 5 views

SUSE-SU-2023:0091-1 Security update for python310-setuptools

This update for python310-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document (bsc#1206667)...

CVSS 5.9 | AI score 6 | EPSS 0.02617
Exploits 1 | References 3
Fedora
added 2023/01/01 1:7 a.m. | 26 views

[SECURITY] Fedora 36 Update: w3m-0.5.3-58.git20220429.fc36

The w3m program is a pager or text file viewer that can also be used as a text-mode Web browser. W3m features include the following: when reading an HTML document, you can follow links and view images using an external image viewer; its internet message mode determines the type of document from t...

CVSS 7.8 | AI score 0.2 | EPSS 0.00441
Exploits 1
Packet Storm
added 2022/12/21 12:0 a.m. | 278 views

Senayan Library Management System 9.2.2 Cross Site Scripting

Title: Senayan Library Management System v9.2.2 a.k.a SLIMS 9 XSS-Reflected - inserting gif - redirect to outside HTTPS server Author: nu11secur1ty Date: 12.21.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/tag/v9.2.2 Reference:...

AI score 7.4
Exploits 0
OSV
added 2022/11/14 6:15 p.m. | 1 views

DEBIAN-CVE-2022-0137

A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries...

CVSS 5.5 | AI score 6.6 | EPSS 0.00555
Exploits 1 | References 1
CNNVD
added 2022/11/14 12:0 a.m. | 2 views

HTMLDOC Buffer Error Vulnerability

HTMLDOC is an open source program that converts HTML and Markdown files to EPUB, Indexed HTML, PostScript and PDF formats. A buffer error vulnerability exists in HTMLDOC versions prior to 1.9.15, which stems from a heap buffer overflow in the image_set_mask function, which can be exploited by an...

CVSS 7.5 | AI score 6.8 | EPSS 0.00555
Exploits 1 | References 5
OSV
added 2022/10/23 10:48 p.m. | 7 views

MGASA-2022-0382 Updated epiphany packages fix security vulnerability

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephy_string_shorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. CVE-2022-29536...

CVSS 7.5 | AI score 7.6 | EPSS 0.01896
Exploits 0 | References 5
Mageia
added 2022/10/23 10:48 p.m. | 29 views

Updated epiphany packages fix security vulnerability

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephy_string_shorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. CVE-2022-29536...

CVSS 7.5 | AI score 2.8 | EPSS 0.01896
Exploits 0 | References 4
Tenable Nessus
added 2022/08/17 12:0 a.m. | 25 views

Debian DSA-5208-1 : epiphany-browser - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5208 advisory. - In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephy_string_shorten in the UI process via a long page title. T...

CVSS 7.5 | AI score 7.5 | EPSS 0.01896
Exploits 0 | References 6
Metasploit
added 2022/06/07 5:43 p.m. | 389 views

Microsoft Office Word MSDTJS

This module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to execute PowerShell code. Module Options msf use exploit/windows/fileformat/wordmsdtjsrce msf exploitwordmsdtjsrce show...

CVSS 9.3 | AI score 7.1 | EPSS 0.99374
Exploits 62
Github Security Blog
added 2022/05/17 2:56 a.m. | 13 views

EpicEditor XSS Vulnerability

EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. An example attack vector is a crafted IMG element in an HTML document...

CVSS 6.1 | AI score 6.1 | EPSS 0.00683
Exploits 2 | References 3 | Affected Software 1