
1165 matches found

Prion
added 2014/10/08 10:55 a.m. · 13 views

Design/Logic Flaw

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

CVSS 7.5 · AI score 7.8 · EPSS 0.00755
Exploits: 0 · References: 5 · Affected Software: 5

Debian CVE
added 2014/10/08 10:0 a.m. · 15 views

CVE-2014-3191

Removed by vendor...

CVSS 7.5 · AI score 9.4 · EPSS 0.00755
Exploits: 0

Cvelist
added 2014/10/08 10:0 a.m. · 34 views

CVE-2014-3191

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

AI score 7.1 · EPSS 0.00755
Exploits: 0 · References: 5

OSV
added 2014/10/08 12:0 a.m. · 1 views

UBUNTU-CVE-2014-3191

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...

CVSS 7.5 · AI score 7.4 · EPSS 0.00755
Exploits: 0 · References: 6

Tenable Nessus
added 2014/09/22 12:0 a.m. · 32 views

GLSA-201409-06 : Chromium: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201409-06 Chromium: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to cause a Denial of...

CVSS 7.5 · AI score 8.2 · EPSS 0.01461
Exploits: 0 · References: 3

Gentoo Linux
added 2014/09/19 12:0 a.m. · 50 views

Chromium: Multiple vulnerabilities

Background Chromium is an open-source web browser project. Description Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details. Impact A remote attacker may be able to cause a Denial of Service condition or possibly have other...

CVSS 7.5 · AI score 7.2 · EPSS 0.01461
Exploits: 0

Prion
added 2014/09/10 10:55 a.m. · 21 views

Design/Logic Flaw

Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies...

CVSS 7.5 · AI score 7.5 · EPSS 0.01461
Exploits: 0 · References: 8 · Affected Software: 1

Debian CVE
added 2014/09/10 10:0 a.m. · 22 views

CVE-2014-3178

Removed by vendor...

CVSS 7.5 · AI score 9.4 · EPSS 0.01461
Exploits: 0

Cvelist
added 2014/09/10 10:0 a.m. · 23 views

CVE-2014-3178

Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies...

AI score 6.9 · EPSS 0.01461
Exploits: 0 · References: 8

CVE
added 2014/09/10 10:0 a.m. · 82 views

CVE-2014-3178

CVE-2014-3178 is a use-after-free in Blink/WebKit’s DOM handling (core/dom/Node.cpp) affecting Chromium-based browsers. The vulnerability was disclosed in conjunction with Chrome/Chromium fixes for version set around 37.x. Debian/Ubuntu/OpenVAS entries indicate resolution by upgrading to Chromium...

CVSS 7.5 · AI score 7 · EPSS 0.01461
Exploits: 0 · References: 8 · Affected Software: 1

UbuntuCve
added 2014/09/10 12:0 a.m. · 20 views

CVE-2014-3178

Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies...

CVSS 7.5 · AI score 7.3 · EPSS 0.01461
Exploits: 0 · References: 5

OSV
added 2014/09/10 12:0 a.m. · 1 views

UBUNTU-CVE-2014-3178

Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies...

CVSS 7.5 · AI score 7.4 · EPSS 0.01461
Exploits: 0 · References: 6

OpenVAS
added 2014/09/03 12:0 a.m. · 27 views

Ubuntu: Security Advisory (USN-2326-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 · AI score 6.4 · EPSS 0.03248
Exploits: 0 · References: 2

seebug.org
added 2014/07/01 12:0 a.m. · 12 views

Muster Render Farm Management System Arbitrary File Download

No description provided by source...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. · 12 views

MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. · 27 views

Citadel WebCit 7.02/7.10 showuser who Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24913/info Citadel WebCit is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied input dat...

AI score 7.1
Exploits: 0

securityvulns
added 2014/05/10 12:0 a.m. · 129 views

[oss-security] [CVE-2014-0130] Directory Traversal Vulnerability With Certain Route Configurations

There is a vulnerability in the 'implicit render' functionality in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0130. Versions Affected: All Supported Not affected: None Fixed Versions: 4.1.1, 4.0.5, 3.2.18 Impact ------ The implicit render functionality allows...

CVSS 4.3 · AI score 0.2 · EPSS 0.5271
Exploits: 2

OSV
added 2014/05/07 10:55 a.m. · 0 views

UBUNTU-CVE-2014-0130

Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...

CVSS 7.5 · AI score 7.3 · EPSS 0.5271
Exploits: 2 · References: 4

Positive Technologies
added 2014/05/07 12:0 a.m. · 3 views

PT-2014-3491 · Ruby +1 · Ruby On Rails +1

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 3.2.18 Ruby on Rails versions 4.0.x prior to 4.0.5 Ruby on Rails versions 4.1.x prior to 4.1.1 Description: The issue allows remote attackers to read arbitrary files via a crafted request, due to a directory...

CVSS 7.5 · AI score 7.6 · EPSS 0.5271
Exploits: 2 · References: 43

RubySec
added 2014/05/06 12:0 a.m. · 21 views

Directory Traversal Vulnerability With Certain Route Configurations

There is a vulnerability in the 'implicit render' functionality in Ruby on Rails. The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization which could allow a...

CVSS 7.5 · AI score 4.8 · EPSS 0.5271
Exploits: 2 · References: 1 · Affected Software: 1