20 matches found
EUVD-2019-18217
Malware in sbrugna...
Liberapay: Password Reset Token Leak Via Referrer
Vulnerability description not provided...
SUSE CVE-2018-6048
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page...
CVE-2019-8827
The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15...
Shopify: Bypass For #997350 your-store.myshopify.com preview link is leak on third party website Via Online Store
Hi Security Team, Description Full Description in 997350 The owner of that website can perform a security compromise by grabbing those links. Solution: The solution is very very SIMPLE. Just include the following HTML code in the following in code between tags of the html of the page: This will n...
UBUNTU-CVE-2018-6051
XSS Auditor in Google Chrome prior to 64.0.3282.119 did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page...
FreeBSD : chromium -- multiple vulnerabilities (8e986b2b-1baa-11e8-a944-54ee754af08e)
Google Chrome Releases reports : Several security fixes in this release, including : - 780450 High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 - 787103 High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu @shhnjk on 2017-11-20 - 793620...
chromium-browser: referrer leak in xss auditor
XSS Auditor in Google Chrome prior to 64.0.3282.119 did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page...
Security update for chromium (important)
This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...
FreeBSD : chromium -- multiple vulnerabilities (a692bffe-b6ad-11e7-a1c2-e8e0b747a45a)
Google Chrome Releases reports : 35 security fixes in this release, including : - 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 - 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 - 760455 High CVE-2017-5126: Use after free in...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 35 security fixes in this release, including: 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 760455 High CVE-2017-5126: Use after free in PDFium...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: Several security fixes in this release, including: 780450 High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 787103 High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu @shhnjk on 2017-11-20 793620 High...
FreeBSD : phpmyadmin -- multiple vulnerabilities (ef70b201-645d-11e6-9cdc-6805ca0b3d42)
The phpmyadmin development team reports : Weakness with cookie encryption Multiple XSS vulnerabilities Multiple XSS vulnerabilities PHP code injection Full path disclosure SQL injection attack Local file exposure Local file exposure through symlinks with UploadDir Path traversal with SaveDir and...
phpmyadmin -- multiple vulnerabilities
The phpmyadmin development team reports: Weakness with cookie encryption Multiple XSS vulnerabilities Multiple XSS vulnerabilities PHP code injection Full path disclosure SQL injection attack Local file exposure Local file exposure through symlinks with UploadDir Path traversal with SaveDir and...
Referrer leak in url.php
PMASA-2016-50 Announcement-ID: PMASA-2016-50 Date: 2016-07-24 Summary Referrer leak in url.php Description A vulnerability was discovered where an attacker can determine the phpMyAdmin host location through the file url.php. Severity We consider this to be of moderate severity. Affected Versions...
openSUSE Security Update : phpMyAdmin (openSUSE-2016-806)
This phpMyAdmin update to version 4.4.15.7 fixes the following issues : Issues fixed: Setup script doesn't use input type 'password' in all relevant locations Security issues fixed : - PMASA-2016-17 CVE-2016-5701, CWE-661 https://www.phpmyadmin.net/security/PMASA-2016-17/ - BBCode injection...
Referrer leak in transformations
PMASA-2016-28 Announcement-ID: PMASA-2016-28 Date: 2016-06-23 Summary Referrer leak in transformations Description A vulnerability was reported where a specially crafted Transformation could be used to leak information including the authentication token. This could be used to direct a CSRF attack...
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-2421)
This security update brings Mozilla Thunderbird to version 1.5.0.9. http://www.mozilla.org/projects/security/known-vulnerabilities.html It includes fixes to the following security problems: CVE-2006-6497/MFSA2006-68: Crashes with evidence of memory corruption were fixed in the layout engine...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2418)
This update brings MozillaFirefox to the security update release 1.5.0.9 2.0.0.1 for openSUSE 10.2 and includes the following security fixes : http://www.mozilla.org/projects/security/known-vulnerabilities.html CVE-2006-6497/MFSA2006-68: Crashes with evidence of memory corruption were fixed in th...
Mozilla Foundation Security Advisory 2006-75
Mozilla Foundation Security Advisory 2006-75 Title: RSS Feed-preview referrer leak Impact: Low Announced: December 19, 2006 Reporter: Jared Breland Products: Firefox 2.0 Fixed in: Firefox 2.0.0.1 Description Jared Breland reported on LEGROOM.net that when the new "Feed Preview" feature in Firefox...