4310 matches found
CVE-2017-7753
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
CVE-2017-7802
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects...
CVE-2017-7800
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
CVE-2017-7798
The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. This vulnerability affects Firefox ESR 52.3 and...
CVE-2017-7783
If a long user name is used in a username/password combination in a site URL such as " http://UserName:[email protected]", the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox 55...
CVE-2017-7797
Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox 55...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-20500)
Microsoft Windows 10 and Windows Server 2016 are both products of the American company Microsoft. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines i...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability
Microsoft Windows 10 and Windows Server 2016 are both products of the American company Microsoft. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines i...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-23798)
Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation, USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines is on...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-23799)
Microsoft Windows 10 and Windows Server 2016 are both products of the American company Microsoft. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines i...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-23800)
Microsoft Windows 10 is a next-generation cross-platform operating system from Microsoft.Microsoft Edge is the web browser that comes with the system.JavaScript engines is one of the JavaScript engine components. A remote code execution vulnerability exists in the JavaScript engine of Edge in...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-23797)
Microsoft Windows 10 and Windows Server 2016 are both products of the American company Microsoft. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines i...
Microsoft Windows 10 Edge JavaScript Remote Code Execution Vulnerability (CNVD-2017-20506)
Microsoft Windows 10 is a next-generation cross-platform operating system from Microsoft.Microsoft Edge is the web browser that comes with the system.JavaScript engines is one of the JavaScript engine components. A remote code execution vulnerability exists in the JavaScript engine of Edge in...
Microsoft Windows Edge JavaScript Engine Remote Code Execution Vulnerability (CNVD-2017-20499)
Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation, USA. The former is a set of operating systems for personal computers and the latter is a set of server operating systems.Edge is one of the default browsers that comes with the system.JavaScript engines is on...
Microsoft Windows 10 Edge JavaScript Remote Code Execution Vulnerability
Microsoft Windows 10 is a next-generation cross-platform operating system from Microsoft.Microsoft Edge is the web browser that comes with the system.JavaScript engines is one of the JavaScript engine components. A remote code execution vulnerability exists in the JavaScript engine of Edge in...
CVE-2017-8647
Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique...
Memory corruption
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that...
Memory corruption
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
Memory corruption
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory...
CVE-2017-8635
Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that...