132 matches found
CVE-2017-1000137
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when adding a text block to a page via the keyboard rather than drag and drop...
CVE-2017-1000137
Mahara is affected: versions 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to cross-site scripting when a text block is added to a page via the keyboard (not drag-and-drop). Root cause reported as an XSS issue in these build paths. Exploit details, mitigations, and fixes are not prov...
Qemu: input: host memory lekage via keyboard events
Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...
DEBIAN-CVE-2017-8379
Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...
Memory corruption
Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...
CVE-2017-8379
Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...
CVE-2017-8379
CVE-2017-8379 is a memory-leak issue in QEMU keyboard input event handling that can allow a local privileged guest user to exhaust host memory and cause a denial of service. The vulnerability is listed among fixes in Red Hat RHSA-2017:2408, which notes remediation by rebasing to QEMU 2.9.0 and re...
QEMU Denial of Service Vulnerability (CNVD-2017-06736)
QEMU is an open source emulator software. QEMU suffers from a denial of service vulnerability in the keyboard input event handler implementation, which can be exploited by an attacker to cause a denial of service...
CVE-2017-8379
Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...
CVE-2017-8379
Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...
Multiple Lenovo products remotely vulnerable
Lenovo Wireless Mouse Black and others are among the products in the wireless desktop kit that includes a mouse and keyboard from the Chinese company Lenovo. A remote security vulnerability exists in several Lenovo products, which can be exploited by an attacker to inject keyboard input via the...
CVE-2016-6257
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system b...
CVE-2016-6257
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system b...
Sql injection
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system b...
CVE-2016-6257
The firmware in Lenovo Ultraslim dongles, as used with Lenovo Liteon SK-8861, Ultraslim Wireless, and Silver Silk keyboards and Liteon ZTM600 and Ultraslim Wireless mice, does not enforce incrementing AES counters, which allows remote attackers to inject encrypted keyboard input into the system b...
CVE-2014-1380
The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input...
Input validation
The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input...
Microsoft Windows 2000/2003/XP Keyboard Event Privilege Escalation Weakness
No description provided by source. source: http://www.securityfocus.com/bid/14743/info Microsoft Windows is prone to a privilege escalation weakness. This issue is due to a design error when desktop applications handle keyboard events sent through the keybdevent function. The specific issue is th...
DEBIAN-CVE-2012-0064
xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations that break the input grab...
Stable Channel Update
The Chrome Team is excited to announce the promotion of Chrome 32 to the Stable channel. 32.0.1700.76 for Windows and Chrome Frame and 32.0.1700.77 for Mac and Linux. This release contains a number of fixes and improvements, including: Tab indicators for sound, webcam and casting A different look...