6681 matches found
[SECURITY] Fedora 24 Update: php-horde-Horde-Mime-Viewer-2.2.1-1.fc24
Provides rendering drivers for MIME data...
UBUNTU-CVE-2016-5275
Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeededRegions function in Mozilla Firefox before 49.0 allows remote attackers to execute arbitrary code by leveraging improper interaction between empty filters and CANVAS element rendering...
[SECURITY] Fedora 23 Update: php-horde-Horde-Mime-Viewer-2.2.1-1.fc23
Provides rendering drivers for MIME data...
[SECURITY] Fedora 25 Update: php-horde-Horde-Mime-Viewer-2.2.1-1.fc25
Provides rendering drivers for MIME data...
CVE-2016-5163
The CVE-2016-5163 issue affects Google Chrome’s bidirectional-text handling in the address bar (omnibox). Specifically, before Chrome 53.0.2785.89 on Windows/OS X and before 53.0.2785.92 on Linux, RTL Unicode text could cause the address bar to render URLs incorrectly, enabling spoofing via craft...
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)
Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...
Fedora 24 : webkitgtk4 (2016-4728dfe3ec)
This update addresses the following vulnerabilities : - CVE-2016-4622, CVE-2016-4624, CVE-2016-4591, CVE-2016-4590 Additional fixes : - Fix performance in accelerated compositing mode with the modesetting intel driver and DRI3 enabled. - Reduce the amount of file descriptors that the Web Process...
DLA-604-1 ruby-actionpack-3.2 - security update
Bulletin has no description...
[SECURITY] Fedora 24 Update: webkitgtk4-2.12.4-1.fc24
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...
RHEL 6 : kernel (RHSA-2016:1664)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Firefox and Chrome both affected: address bar spoofing vulnerability in mainstream browsers - vulnerability warning - the black bar safety net
Researcher Rafay Baloch disclosed the vulnerability details yesterday; in March this year he gave a talk on address bar spoofing at Black Hat Asia in Singapore. How the vulnerability works: on his personal website, Baloch said that the main cause of the vulnerability is that Chrome and...
SUSE-SU-2016:2061-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss
MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr and mozilla-nss were updated to fix nine security issues. MozillaFirefox was updated to version 45.3.0 ESR. mozilla-nss was updated to version 3.21.1, mozilla-nspr to version 4.12. These security issues were fixed in 45.3.0ESR: -...
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3044-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3044-1 advisory. Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked into opening a specially...
Nextcloud: XSS on IOS app via HTML rendering
@bugdiscloseguys reported an issue to us leading to a stored XSS attack on the iOS app. To be exploitable the victim would have to open a malicious file shared by an adversary with the user. On request of the reporter, this issue is only disclosed limitedly. While we usually don't agree to disclo...
USN-3044-1: Firefox vulnerabilities
Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or obtain sensitive information. CVE-2016-0718...
USN-3044-1 firefox vulnerabilities
Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or obtain sensitive information. CVE-2016-0718...
CVE-2016-5263
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion."...
paps 'read_file()' heap buffer overflow vulnerability
paps is a converter from UTF-8 to PostScript language using Pango, an open source library for high quality rendering of internationalized text. A heap buffer overflow vulnerability exists in paps. An attacker could exploit this vulnerability to execute arbitrary code, which could also result in a...