
25 matches found

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2006-4378

Malware in sbrugna...

CVSS 2.6 | AI score 6.4 | EPSS 0.00277
Exploits 0 | References 8

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2004-0536

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.00932
Exploits 0 | References 9

Redos
added 2024/03/13 12:0 a.m. | 20 views

ROS-2-466

2.466 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

AI score 8.4
Exploits 0

SUSE CVE
added 2023/02/15 6:20 a.m. | 1 views

SUSE CVE-2004-0762

Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box...

CVSS 5 | AI score 7.1 | EPSS 0.01941
Exploits 0 | References 8

SUSE CVE
added 2023/02/15 6:9 a.m. | 1 views

SUSE CVE-2008-0417

CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password...

CVSS 4.3 | AI score 9 | EPSS 0.02112
Exploits 1 | References 5

SUSE CVE
added 2023/02/15 6:2 a.m. | 1 views

SUSE CVE-2009-3374

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...

CVSS 7.5 | AI score 9.1 | EPSS 0.00887
Exploits 0 | References 6

OSV
added 2023/01/30 11:15 p.m. | 1 views

CVE-2022-22732

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources data supplied by the server when an attacker sends a fetch request from third-party site or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...

CVSS 7.5 | AI score 5.7 | EPSS 0.00206
Exploits 0 | References 1

Redos
added 2021/09/08 12:0 a.m. | 22 views

ROS-2-614

2.614 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

CVSS 9.8 | AI score 8 | EPSS 0.01303
Exploits 7

Redos
added 2021/09/08 12:0 a.m. | 17 views

ROS-2-823

2.823 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

CVSS 9.8 | AI score 8.4 | EPSS 0.0074
Exploits 0

Tenable Nessus
added 2020/05/15 12:0 a.m. | 43 views

GLSA-202005-11 : VLC: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-202005-11 VLC: Buffer overflow A buffer overflow in DecodeBlock in sdlimage.c was discovered. Impact : A remote user could craft a specifically crafted image file that could execute arbitrary code or cause denial of service...

CVSS 7.8 | AI score 8.8 | EPSS 0.01303
Exploits 1 | References 4

Tenable Nessus
added 2018/09/10 12:0 a.m. | 44 views

Debian DSA-4289-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-16065 Brendon Tiszka discovered an out-of-bounds write issue in the v8 JavaScript library. - CVE-2018-16066 cloudfuzzer discovered an out-of-bounds read issue in blink/webkit. - CVE-2018-16067 Zhe Jin discovered ...

CVSS 9.6 | AI score 7.3 | EPSS 0.19029
Exploits 3 | References 26

OSV
added 2018/04/25 5:37 p.m. | 2 views

DRUPAL-CONTRIB-2018-022

This module enables you to monitor and manage any number of remote Drupal sites and aggregate useful information for administrators in a central dashboard. The modules DRD and DRD Agent encrypt the data which is exchanged between them but in order to do so, they use the PHP serialize/unserialize...

AI score 7.2
Exploits 0 | References 1

OSV
added 2017/02/20 8:59 a.m. | 1 views

DEBIAN-CVE-2017-2363

An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain...

CVSS 6.5 | AI score 7.9 | EPSS 0.12341
Exploits 3 | References 1

Hacker One
added 2015/10/01 8:24 p.m. | 12 views

Imgur: Server Side Request Forgery In Video to GIF Functionality

imgur.com is vulnerable to Server Side Request Forgery because it fails to sanitize or verify the "url" GET parameter. This could be used by attackers to launch attacks against other 3rd party sites or proxy an attacker's requests through the affected site to hide the attacker's origin. In more...

AI score 0.1
Exploits 0

OSV
added 2015/03/09 12:59 a.m. | 0 views

UBUNTU-CVE-2014-9689

content/renderer/devicesensors/deviceorientationeventpump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote attackers to obtain speech signals from a device's physical environment via a crafted web site that...

CVSS 5 | AI score 5.7 | EPSS 0.00373
Exploits 0 | References 7

seebug.org
added 2014/07/01 12:0 a.m. | 32 views

Fluid Dynamics Search Engine 2.0 Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5199/info Fluid Dynamics Search Engine is a search application for local and remote web sites, and is designed to work in most UNIX and Microsoft Windows environments. Fluid Dynamics Search Engine and is maintained by...

AI score 7.1
Exploits 0

Tenable Nessus
added 2009/12/11 12:0 a.m. | 23 views

Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : kdelibs vulnerabilities (USN-871-1)

A buffer overflow was found in the KDE libraries when converting a string to a floating point number. If a user or application linked against kdelibs were tricked into processing crafted input, an attacker could cause a denial of service via application crash or possibly execute arbitrary code wi...

CVSS 6.8 | AI score 7.6 | EPSS 0.4176
Exploits 43 | References 2

NVD
added 2008/06/02 9:30 p.m. | 18 views

CVE-2008-1580

CFNetwork in Safari in Apple Mac OS X before 10.5.3 automatically sends an SSL client certificate in response to a web server's certificate request, which allows remote web sites to obtain sensitive information Subject data from personally identifiable certificates, and use arbitrary certificates...

CVSS 4.3 | AI score 5.8 | EPSS 0.0019
Exploits 1 | References 8

RedHat Linux
added 2008/02/08 2:6 a.m. | 0 views

Mozilla arbitrary code execution

CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password...

CVSS 4.3 | AI score 7.4 | EPSS 0.02112
Exploits 1 | References 4

CERT
added 2007/01/12 12:0 a.m. | 30 views

Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability

Overview Web browsers running the Apple QuickTime plugin may allow remote web sites to reference content on the local filesystem. This may allow an attacker to execute script within the security context of the local machine. Description Web browser plugins that allow remote web sites to reference...

CVSS 6.8 | AI score 5.7 | EPSS 0.25792
Exploits 1 | References 2