Cheetah Security Browser has a design flaw
Cheetah Secure Browser is a browser launched by Cheetah Mobile (formerly Kingsoft Network), focusing on security and speed features, using dual Trident and WebKit rendering engines, and integrating Kingsoft's own BIPS for security protection. A design vulnerability exists in Cheetah Secure Browser,...
[SECURITY] Fedora 23 Update: kf5-khtml-5.24.0-1.fc23
KHTML is a web rendering engine, based on the KParts technology and using KJS for JavaScript support...
[SECURITY] Fedora 23 Update: kf5-kdewebkit-5.24.0-1.fc23
KDE Frameworks 5 Tier 3 integration module for the HTML rendering engine WebKit...
[SECURITY] Fedora 24 Update: kf5-kdewebkit-5.24.0-1.fc24
KDE Frameworks 5 Tier 3 integration module for the HTML rendering engine WebKit...
[SECURITY] Fedora 24 Update: kf5-khtml-5.24.0-1.fc24
KHTML is a web rendering engine, based on the KParts technology and using KJS for JavaScript support...
XSS in client rendered block templates
Overview: Affected versions of rendr are vulnerable to cross-site scripting when client-side rendering is done inside a block. Server-side rendering is not affected and is properly escaped. Recommendation: Update to version 1.1.4 or later. References: PR 61, PR 513, GitHub Advisory...
XSS in /includes/decorators/global-translations.jsp
NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report: http://jira.atlassian.com/browse/JRACLOUD-61888. Somewhat hard to exploit but still doable when it comes to cache poisoning. Steps to reproduce: Tamper with a GET request to...
Fedora 22 : webkitgtk4 (2016-f5107c318e)
This update addresses the following vulnerabilities: CVE-2016-1857, CVE-2016-1856. Additional fixes: - Improved the detection of MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...
Fedora 23 : webkitgtk4 (2016-c1f4334ded)
This update addresses the following vulnerabilities: CVE-2016-1857, CVE-2016-1856. Additional fixes: - Improved the detection of MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...
Fedora 24 : webkitgtk4 (2016-e46b75e5df)
This update addresses the following vulnerabilities: CVE-2016-1857, CVE-2016-1856. Additional fixes: - Improved the detection of MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...
A vulnerability in the Firefox ESR software allows a malicious individual to compromise the confidentiality, integrity, and availability of protected information.
A vulnerability exists in the ConvolveHorizontally function of Skia for Mozilla Firefox ESR, due to improper rendering of graphic data when this function is executed. Exploiting this vulnerability allows malicious actors to execute arbitrary code, causing prolonged scaling of images; for example,...
A vulnerability in the Firefox browser allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information.
A vulnerability exists in the ConvolveHorizontally function of Skia for Mozilla Firefox, due to improper rendering of graphic data when this function is executed. Exploiting this vulnerability allows malicious actors to execute arbitrary code, causing prolonged scaling of images; for example,...
A vulnerability in the Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information.
A use-after-free in core/dom/Node.cpp in Blink for Google Chrome allows malicious actors operating remotely to trigger service failures or otherwise affect the system by exploiting inconsistencies in the rendering tree...
A vulnerability in Google Chrome allows a malicious actor to circumvent domain restriction rules.
The Google Chrome browser contains a vulnerability related to the implementation of drag-and-drop functionality. This vulnerability allows malicious actors to circumvent domain restrictions and replace local file paths by accessing resources through rendering. To exploit this vulnerability, activ...
A vulnerability in the Google Chrome browser allows a malicious actor to trigger a service failure.
The Google Chrome browser contains a vulnerability related to memory reuse after deallocation (a use-after-free error) in the browser/ui/views/speechrecognitionbubbleviews.cc file. Exploiting this vulnerability allows malicious actors to remotely cause system failures or other adverse effects through...
A vulnerability in the Google Chrome browser allows a perpetrator to trigger a service failure.
A vulnerability in the CPDFDIBSource::CreateDecoder function, located in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in the PDFium browser component of Google Chrome, is related to improper handling of initialization errors. Exploiting this vulnerability can allow an attacker to trigger a...
Phishing Template Generation Made Easy: SimplyTemplate
Phishing Template Generation Made Easy. The goal of this project was to speed up phishing template generation and to provide an easy way to ensure the accuracy of your templates. All templates will provide you with a small meta tag. This tag will help you quickly identify the capabilities of the modul...
UBUNTU-CVE-2016-1685
core/fxge/ge/fxgetext.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document...
[SECURITY] Fedora 23 Update: webkitgtk4-2.12.3-1.fc23
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...