37 matches found
EUVD-2012-4192
Malware in sbrugna...
EUVD-2016-3055
Malware in sbrugna...
CVE-2012-4248
The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the 1 dev.log, 2 lipc.set, 3 lipc.get, or 4 todo.scheduleItems method, a different...
SUSE CVE-2010-1423
Argument injection vulnerability in the URI handler in a Java NPAPI plugin and b Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the 1 -J or 2 -XXaltjvm argument to javaws.exe...
SUSE: Security Advisory (SUSE-SU-2021:1430-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:1499-1)
This update for webkit2gtk3 fixes the following issues : Update to version 2.32.0 bsc1184155 : - Fix the authentication request port when URL omits the port. - Fix iframe scrolling when main frame is scrolled in async - scrolling mode. - Stop using gmemdup. - Show a warning message when overridin...
SUSE-SU-2021:1499-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 bsc1184155: Fix the authentication request port when URL omits the port. Fix iframe scrolling when main frame is scrolled in async scrolling mode. Stop using gmemdup. Show a warning message when overriding signal...
OPENSUSE-SU-2021:0637-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 bsc1184155: Fix the authentication request port when URL omits the port. Fix iframe scrolling when main frame is scrolled in async scrolling mode. Stop using gmemdup. Show a warning message when overriding signal...
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:1430-1)
This update for webkit2gtk3 fixes the following issues : Update to version 2.32.0 bsc1184155 : - Fix the authentication request port when URL omits the port. - Fix iframe scrolling when main frame is scrolled in async - scrolling mode. - Stop using gmemdup. - Show a warning message when overridin...
SUSE-SU-2021:1430-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 bsc1184155: Fix the authentication request port when URL omits the port. Fix iframe scrolling when main frame is scrolled in async scrolling mode. Stop using gmemdup. Show a warning message when overriding signal...
SUSE: Security Advisory (SUSE-SU-2016:0727-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross-Site Request Forgery (CSRF)
Thunderbird, Firefox ESR and Firefox are vulnerable to cross-site request forgery. A remote unauthenticated attacker can send non-simple requests to bypass cross-origin restrictions and conduct cross-site request forgery attacks via an NPAPI plugin...
NetScaler Gateway 11.0 VPN Client and EPA Plug-in Does Not Work With Chrome Version 42 and Later
The Client and EPA Plug-ins don't work with the latest Chrome versions as support for NPAPI is disabled by default. The support will be deprecated entirely in Chrome version 45 in September 2015. From Chrome version 42, all NPAPI plugins will appear as if they are not installed. This will affect...
Fedora 22 : webkitgtk4-2.12.1-1.fc22 (2016-ac1dff014c)
Highlights in 2.12.0: Enable FTL by default in JavaScriptCore for x8664. Network process is now used unconditionally. The shared secondary process model is now the same as using the multiple process model and setting a process limit of 1. Switch to use overlay scrollbars like all other GTK+ widge...
Mozilla Thunderbird Security Advisories (MFSA2016-16, MFSA2016-38) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
openSUSE Security Update : MozillaThunderbird (openSUSE-2016-402)
MozillaThunderbird was updated to 38.7.0 to fix the following issues : - Update to Thunderbird 38.7.0 boo969894 - MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback - MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to 38.7.0 to fix the following issues: Update to Thunderbird 38.7.0 boo969894 MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and history...
CVE-2016-1966
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer dereference and memory corruption via a crafted NPAPI plug...
DEBIAN-CVE-2016-1966
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer dereference and memory corruption via a crafted NPAPI plug...
CVE-2016-1966
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer dereference and memory corruption via a crafted NPAPI plug...