15 matches found
Improper Restriction of Rendered UI Layers or Frames
Overview ciguard is a Static security auditor for CI/CD pipelines — now with a Model Context Protocol server pip install 'ciguardmcp' exposing scan / scanrepo / explainrule / diffbaseline / listrules to Claude Desktop / Claude Code / Cursor. Plus .ciguardignore rationale-required suppression,...
EUVD-2009-2831
Malware in sbrugna...
Astro-Shield 安全漏洞
Astro-Shield is KindSpells Labs open source a library . It is used to calculate sub-resource integrity hashes for JS scripts and CSS stylesheets. Astro-Shield has a security vulnerability that stems from the CSP header generation feature allowing the listing of maliciously injected resources...
SUSE CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
Creating Awareness of External JavaScript Libraries in Web Applications
Qualys Web Application Scanning WAS routinely reviews and solicits customer feedback regarding vulnerabilities. This may be to enhance the detection or the detections reporting. Previously, all JavaScript libraries detected on an application are reported under the Information Gathering QID 150176...
Adobe Flash - URL Resource Use-After-Free
Adobe Flash - URL Resource Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=410&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id The following crash was observed in Flash Player 17.0.0.188 on Windows: 81c.854: Access violation - code...
Adobe Flash - URL Resource Use-After-Free
Source: https://code.google.com/p/google-security-research/issues/detail?id=410&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id The following crash was observed in Flash Player 17.0.0.188 on Windows: 81c.854: Access violation - code c0000005 first chance First chance...
Google Chrome Multiple Vulnerabilities - Nov2012 (Windows)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnnov12win.nasl 5931 2017-04-11 09:02:04Z teissa $ Google Chrome Multiple Vulnerabilities - Nov2012 Windows Authors: Antu Sanadi Copyright: Copyright c 2012...
Google Chrome Multiple Vulnerabilities - Nov2012 (Linux)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnnov12lin.nasl 5999 2017-04-21 09:02:32Z teissa $ Google Chrome Multiple Vulnerabilities - Nov2012 Linux Authors: Antu Sanadi Copyright: Copyright c 2012...
Design/Logic Flaw
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
CVE-2009-2841 affects WebKit’s HTMLMediaElement: loadResource in WebCore (WebKit before r49480) used by Safari before 4.0.4 on macOS. The vulnerability arises because HTML5 media elements with external URLs do not perform the expected callbacks, enabling a remote attacker to trigger sub-resource ...
CVE-2009-2841
Removed by vendor...