SUSE CVE-2017-5033

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline...

IBM Jazz Team Server 安全漏洞

IBM Jazz Team Server is an application server from IBM Corporation of America. IBM Jazz Team Server provides base services that enable a group of tools to work together as a single logical server, and includes any number of Jazz Team Server Extensions that provide tool-specific functionality.An...

Privilege Escalation

Mozilla Firefox is vulnerable to privilege escalation. The vulnerability exists in an unknown functionality of the component WebExtension. An attacker could run content scripts in local pages without permission warnings when a local file is opened resulting in a privilege escalation...

Mozilla: WebExtension local file permission check bypass

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This...