Lucene search
K

6680 matches found

CNVD
CNVD
added 2016/07/25 12:0 a.m.3 views

Cheetah Security Browser has a design flaw

Cheetah Secure Browser is a browser launched by Cheetah Mobile formerly Kingsoft Network, focusing on security and speed features, using Trident and WebKit dual rendering engine, and integrating Kingsoft's own BIPS for security protection. A design vulnerability exists in Cheetah Secure Browser,...

6.8AI score
Exploits0
Fedora
Fedora
added 2016/07/23 9:6 p.m.15 views

[SECURITY] Fedora 23 Update: kf5-khtml-5.24.0-1.fc23

KHTML is a web rendering engine, based on the KParts technology and using K JS for JavaScript support...

7.5CVSS0.3AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 9:6 p.m.34 views

[SECURITY] Fedora 23 Update: kf5-kdewebkit-5.24.0-1.fc23

KDE Frameworks 5 Tier 3 integration module for the HTML rendering engine We bKit...

7.5CVSS1AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 7:7 p.m.24 views

[SECURITY] Fedora 24 Update: kf5-kdewebkit-5.24.0-1.fc24

KDE Frameworks 5 Tier 3 integration module for the HTML rendering engine We bKit...

7.5CVSS1AI score0.04429EPSS
Exploits1
Fedora
Fedora
added 2016/07/23 7:7 p.m.23 views

[SECURITY] Fedora 24 Update: kf5-khtml-5.24.0-1.fc24

KHTML is a web rendering engine, based on the KParts technology and using K JS for JavaScript support...

7.5CVSS0.3AI score0.04429EPSS
Exploits1
Node.js
Node.js
added 2016/07/22 3:31 p.m.25 views

XSS in client rendered block templates

Overview Affected versions of rendr are vulnerable to cross-site scripting when client side rendering is done inside a block. Server side rendering is not affected and is properly escaped. Recommendation Update to version 1.1.4 or later. References - PR 61 - PR 513 - GitHub Advisory...

3.5AI score0.00713EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/07/15 2:23 a.m.42 views

XSS in /includes/decorators/global-translations.jsp

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-61888. panel Somewhat hard to exploit but still doable when it comes to cache poisoning. Steps to reproduce: Tamper with a GET request to...

6.1CVSS5.9AI score0.02111EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.34 views

Fedora 22 : webkitgtk4 (2016-f5107c318e)

This update addresses the following vulnerabilities : - CVE-2016-1857, CVE-2016-1856 Additional fixes : - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...

8.8CVSS7.7AI score0.02905EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.30 views

Fedora 23 : webkitgtk4 (2016-c1f4334ded)

This update addresses the following vulnerabilities : - CVE-2016-1857, CVE-2016-1856 Additional fixes : - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...

8.8CVSS7.7AI score0.02905EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/07/14 12:0 a.m.28 views

Fedora 24 : webkitgtk4 (2016-e46b75e5df)

This update addresses the following vulnerabilities : - CVE-2016-1857, CVE-2016-1856 Additional fixes : - Improved the detection of supported MIME types supported by the media player. - Fix web process crash when playing adaptive streaming media. - Change the volume while thumb slider is dragged,...

8.8CVSS7.7AI score0.02905EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability in the Firefox ESR software allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.

A vulnerability exists in the ConvolveHorizontally function of Skia for Mozilla Firefox ESR, due to improper rendering of graphic data when this function is executed. Exploiting this vulnerability allows malicious actors to execute arbitrary code, causing prolonged scaling of images; for example,...

9.3CVSS7.2AI score0.0494EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.4 views

The vulnerability of the Firefox browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

A vulnerability exists in the ConvolveHorizontally function of Skia for Mozilla Firefox, due to improper rendering of graphic data when this function is executed. Exploiting this vulnerability allows malicious actors to execute arbitrary code, causing prolonged scaling of images; for example,...

9.3CVSS7.2AI score0.0494EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The use of this after release in core/dom/Node.cpp in Blink for Google Chrome allows malicious actors operating remotely to trigger service failures or otherwise affect the system by exploiting inconsistencies in the rendering tree...

7.5CVSS7.7AI score0.01452EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of Google Chrome allows a malicious actor to circumvent domain restriction rules.

The Google Chrome browser contains a vulnerability related to the implementation of drag-and-drop functionality. This vulnerability allows malicious actors to circumvent domain restrictions and replace local file paths by accessing resources through rendering. To exploit this vulnerability, activ...

4.3CVSS7.7AI score0.01405EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

The Google Chrome browser contains a vulnerability related to memory reuse after deallocation use-after-free error in the browser/ui/views/speechrecognitionbubbleviews.cc file. Exploiting this vulnerability allows malicious actors to remotely cause system failures or other adverse effects through...

7.5CVSS7.7AI score0.0161EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.5 views

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

The Google Chrome browser contains a vulnerability related to memory reuse after deallocation use-after-free error in the browser/ui/views/speechrecognitionbubbleviews.cc file. Exploiting this vulnerability allows malicious actors to remotely cause system failures or other adverse effects through...

7.5CVSS7.7AI score0.0161EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/06/17 12:0 a.m.6 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the CPDFDIBSource::CreateDecoder function located in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in the PDFium browser component of Google Chrome is related to improper handling of initialization errors. Exploiting this vulnerability can allow an attacker to trigger a...

4.3CVSS7AI score0.0128EPSS
Exploits0References4Affected Software1
n0where
n0where
added 2016/06/15 6:17 p.m.14 views

Phishing Template Generation Made Easy: SimplyTemplate

Phishing Template Generation Made Easy. The goal of this project was to hopefully speed up Phishing Template Gen as well as an easy way to ensure accuracy of your templates. All templates will provide you with a small meta tag. This tag will help you quickly identify the capabilities of the modul...

6.9AI score
Exploits0References1
OSV
OSV
added 2016/06/05 11:59 p.m.2 views

UBUNTU-CVE-2016-1685

core/fxge/ge/fxgetext.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document...

6.5CVSS7AI score0.0128EPSS
Exploits0References3
Fedora
Fedora
added 2016/05/28 11:55 p.m.30 views

[SECURITY] Fedora 23 Update: webkitgtk4-2.12.3-1.fc23

WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3...

8.8CVSS1.8AI score0.02905EPSS
Exploits0
Rows per page
Query Builder