Debian DSA-4103-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2017-15420 Drew Springall discovered a URL spoofing issue. - CVE-2017-15429 A cross-site scripting issue was discovered in the v8 JavaScript library. - CVE-2018-6031 A use-after-free issue was discovered in the pdfium...

Google Chrome for Mac, Windows and Linux Shared Worker Source Policy Bypass Vulnerability

Google Chrome for Mac, Windows and Linux is a web browser developed by Google for the Mac, Windows and Linux platforms.Shared Worker is one of the content sharing components of Google Chrome. A security vulnerability exists in Shared Worker in versions of Google Chrome prior to 64.0.3282.119 on...

openSUSE Security Update : chromium (openSUSE-2018-103)

This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed : - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...

Security update for chromium (important)

This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3544-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3544-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

Ubuntu: Security Advisory (USN-3544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3544-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP...

USN-3544-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP...

UBUNTU-CVE-2018-5116

WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with th...

Cheetah Mobile Armorfly Browser&Downloader Security Bypass Vulnerability

Cheetah Mobile Armorfly Browser&Downloader is a browser with download function from Cheetah Mobile China. A security bypass vulnerability exists in Cheetah Mobile Armorfly Browser&Downloader version 1.1.05.0010. An attacker can exploit this vulnerability to bypass the same-origin policy...

Cheetah Mobile CM Browser Security Bypass Vulnerability

Cheetah Mobile CM Browser is a web browser from Cheetah Mobile, a Chinese company. A security bypass vulnerability exists in Cheetah Mobile CM Browser version 5.22.06.0012. An attacker could exploit this vulnerability to bypass the same-origin policy...

CVE-2018-5326

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

CVE-2018-5327

Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

CVE-2018-5326

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

CVE-2018-5327

Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

Design/Logic Flaw

Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

Code injection

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

CVE-2018-5327

Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

CVE-2018-5326

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

CVE-2018-5327

CVE-2018-5327 affects Cheetah Mobile Armorfly Browser & Downloader (version 1.1.05.0010) on older Android platforms, where a flaw allows bypass of the Same-Origin Policy. The connected CNVD/NVD records describe a security bypass vulnerability enabling cross-origin access, but do not specify exact...