56 matches found
Critical: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 72 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 72.0.3626.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
Cross-site Scripting in actionpack
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
GHSA-2XJJ-5X6H-8VMF Cross-site Scripting in actionpack
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
Fedora 24 : webkitgtk4 (2017-37f68e3534)
This update addresses the following vulnerabilities : - CVE-2017-2538 Additional fixes : - Fix web process deadlock when seeking youtube videos. - Fix blob downloads. - Improve theme rendering performance when using GTK+ = 3.20. - Fix positioning of popup menus in Wayland. - Fix JavaScriptCore...
Fedora 25 : webkitgtk4 (2017-bff1b87765)
This update addresses the following vulnerabilities : - CVE-2017-2538 Additional fixes : - Fix web process deadlock when seeking youtube videos. - Fix blob downloads. - Improve theme rendering performance when using GTK+ = 3.20. - Fix positioning of popup menus in Wayland. - Fix JavaScriptCore...
The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.
The Google Chrome browser contains a vulnerability related to incorrect checking of the render state during the focus event in the object model of the document DOM implementation of Blink for Google Chrome. Exploiting this vulnerability allows malicious actors to cause service failures or otherwi...
Type confusion
core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibl...
Ubuntu: Security Advisory (USN-2009-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2010-1)
Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the...
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)
Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...
Mozilla Thunderbird Multiple Vulnerabilities - Oct 12 (Windows)
The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvulnoct12win.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - Oct 12 Windows Authors: Arun Kallavi Copyright:...
CVE-2012-5354
CVE-2012-5354 is covered by details in connected advisories/plugins. The open-connected sources show that Mozilla Firefox before 16.0, Mozilla Thunderbird before 16.0, and SeaMonkey before 2.13 are vulnerable to a clickjacking-style issue when navigating away from a page that has an active set of...
CVE-2012-1099
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
CVE-2012-1099
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
CVE-2012-1099 rubygem-actionpack: XSS in the "select" helper
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...