56 matches found
mozilla: SelectElements could be shown over another site if popups are allowed
The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack...
CVE-2024-8386
The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack...
DEBIAN-CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...
UBUNTU-CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...
CVE-2024-8386
CVE-2024-8386 : A spoofing vulnerability where, if a site has permission to open popup windows, Select elements can appear on top of another site. Affected: Firefox versions before 130, Firefox ESR before 128.2, and Thunderbird before 128.2. Impact is described in external advisories; no exploita...
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...
Mozilla Firefox < 130.0
The version of Firefox installed on the remote Windows host is prior to 130.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-39 advisory. - Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that...
PT-2024-6194 · Unknown +2 · Hdf5 Library +2
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions through 1.14.3 Description: The issue is related to a heap-based buffer overflow in the H5VM array fill function in the H5VM.c file of the HDF5 Library. This overflow can be triggered when the H5S select elements functio...
Mozilla Firefox UI spoofing vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a UI spoofing vulnerability that originates when Firefox does not properly render oversized <select> elements, which can be exploited by remote attackers to perform spoofing attacks...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a UI spoofing vulnerability that originates when Firefox does not properly render oversized <select> elements, which can be exploited by remote attackers to perform spoofing attacks...
Sandbox Restrictions Bypass
chromium is vulnerable to arbitrary code execution. Incorrect lifetime handling in HTML select elements allows a remote attacker to perform a sandbox escape via a malicious HTML page...
CVE-2020-7676
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...
Mozilla: Incorrect parsing of template tag could result in JavaScript injection
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be...
CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
DEBIAN-CVE-2019-5759
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
openSUSE Security Update : chromium (openSUSE-2019-204)
This update for Chromium to version 72.0.3626.96 fixes the following issues : Security issues fixed bsc1123641 and bsc1124936 : - CVE-2019-5784: Inappropriate implementation in V8 - CVE-2019-5754: Inappropriate implementation in QUIC Networking. - CVE-2019-5782: Inappropriate implementation in V8...
Debian DSA-4395-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-17481 A use-after-free issue was discovered in the pdfium library. - CVE-2019-5754 Klzgrad discovered an error in the QUIC networking implementation. - CVE-2019-5755 Jay Bosamiya discovered an implementation erro...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:0204-1 Rating: important References: 1123641 1124936 Cross-References: CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-57...
chromium-browser: Use after free in HTML select elements
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...