CVE-2019-11762

The CVE-2019-11762 issue is a cross-origin origin isolation bug where two same-origin documents setting document.domain differently could allow calling arbitrary DOM methods/getters/setters on the now-cross-origin window. Affected products include Firefox (<70) and Firefox ESR (<68.2), and ...

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0231)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerabilit...

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0233)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was foun...

chromium-browser: Insufficient validation of untrusted input in Blink

Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content...

chromium-browser: Insufficient policy enforcement in WebSockets

Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

Important: thunderbird

Issue Overview: Several memory safety bugs were discovered in Mozilla Firefox and Thunderbird. Memory corruption and arbitrary code execution are possible with these vulnerabilities. These bugs can be exploited over the network.CVE-2019-11764 A flaw was discovered in both Firefox and Thunderbird...

CVE-2019-18378

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting XSS exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentiall...

CVE-2019-18378

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting XSS exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentiall...

Cross site scripting

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting XSS exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentiall...

CVE-2019-18378

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting XSS exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentiall...

CVE-2019-13741

Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content...

CVE-2019-13727

Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

Google Chrome Blink Input Validation Error Vulnerability

Google Chrome is a Web browser from Google, a U.S. company. Blink is a browser layout engine rendering engine jointly developed by Google and Norway's OperaSoftware. An input validation error vulnerability exists in Google Chrome Blink. An attacker could exploit this vulnerability to bypass the...

Google Chrome Same Origin Policy Bypass Vulnerability (CNVD-2020-00270)

Google Chrome is a web browser from Google, and WebSockets is one of the communication protocols used to exchange data between the client and the server. Google Chrome suffers from a same-origin policy bypass vulnerability that stems from the program's failure to fully implement the policy. The...

Ubuntu: Security Advisory (USN-4202-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-13741

Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content...

CVE-2019-13741

Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content...

DEBIAN-CVE-2019-13741

Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content...

CVE-2019-13727

Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

CVE-2019-13727

Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page...