132 matches found
DEBIAN-CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...
UBUNTU-CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...
CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...
CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...
chromium-browser: Inconsistent security UI placement
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...
CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...
Remote Code Execution
Microsoft ChakraCore is susceptible to remote code execution. During reparsing of coroutines, it does not maintain the same scoping number for coroutines, causing the register with yield data to change...
CVE-2015-5462
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features...
CVE-2018-10581
In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated Team scoping. This occurs in situations where this authenticated user also belongs to multiple...
CVE-2018-9039
In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. In other words, they can see machines beyond their team's scoped environments...
CVE-2018-9039
CVE-2018-9039 affects Octopus Deploy 2.0 and later up to (but not including) 2018.3.7, where an authenticated user with variable-edit permissions can scope some variables to targets beyond their allowed permissions and see machines outside their teamās scoped environments. Root cause: insufficien...
CVE-2018-4862
In Octopus Deploy versions 3.2.11 - 4.1.5 fixed in 4.1.6, an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges...
CVE-2018-4862
In Octopus Deploy versions 3.2.11 - 4.1.5 fixed in 4.1.6, an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges...
CVE-2018-4862
In Octopus Deploy versions 3.2.11 - 4.1.5 fixed in 4.1.6, an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges...
New PCI DSS Scoping Guidance Corroborates Coalfireās Approach
On Friday, December 6th 2016, the PCI Security Standards Council released their formal information supplement titled, Guidance for PCI DSS Scoping and Network Segmentation. This particular information supplement has been eagerly anticipated in the PCI DSS industry for several years. The document...
[SECURITY] [DSA 3351-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3351-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 03, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3351-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3351-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 03, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3351-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1291 A cross-origin bypass issue was discovered in DOM. CVE-2015-1292 Mariusz Mlynski discovered a cross-origin bypass issue in ServiceWorker. CVE-2015-1293 Mariusz Mlynski discovered a cross-origin bypass issue in...
DSA-3351-1 chromium-browser - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3351-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...