SUSE CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets CSS token sequence...

SUSE CVE-2017-6820

rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...

Design/Logic Flaw

A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets CSS token sequence. Hitachi Command Suite includes...

CVE-2018-21033

The CVE-2018-21033 vulnerability affects Hitachi Command Suite (and related products) prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00, and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00. The issue allows authenticated remote users to load an arbitrary CSS token sequen...

CVE-2017-0037

Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheet...

CVE-2016-5127

Removed by vendor...

CVE-2015-6184

The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service type confusion and memory corruption via a malformed Cascading Style Sheets CSS token sequence in conjunction with modifications to HTML...

CVE-2015-2713

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a document containing crafted text in...

CVE-2015-2713

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a document containing crafted text in...

CVE-2015-2713

CVE-2015-2713 is a use-after-free in Mozilla Firefox (SetBreaks) affecting Firefox before 38.0, Firefox ESR before 31.7, and Thunderbird before 31.7. An attacker could craft a document with specific CSS tokens for vertical text to cause heap memory corruption, enabling remote code execution or a ...

UBUNTU-CVE-2015-2710

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets CSS token sequence...

CVE-2015-1228

CVE-2015-1228 affects Google Chrome (Blink) before 41.0.2272.76. The vulnerability is caused by RenderCounter::updateCounter not forcing a relayout and not initializing memory for a data structure, which can be triggered by a crafted CSS token sequence. The result is a denial of service (applicat...

Out-of-bounds

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

CVE-2015-0826

The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds read of heap memory via a crafted Cascading Style Sheets CSS token sequence that triggers a restyle or reflow operation...

CVE-2014-8967

Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...

CVE-2014-8967

Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets CSS token sequence specifying the run-in value for the display property, leading to improper CElement reference...

DEBIAN-CVE-2014-9036

Cross-site scripting XSS vulnerability in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted Cascading Style Sheets CSS token sequence in a post...

CVE-2011-0473

Removed by vendor...

UBUNTU-CVE-2010-3821

WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets CSS token sequence, which allows remote attackers to execute arbitrary code or cause a denial of...