The vulnerability in the visual Git client SourceTree exists due to the lack of measures taken to neutralize special elements used in the operating system command. This allows a malicious user to execute arbitrary commands.

The vulnerability of the visual Git client SourceTree exists because measures to neutralize special elements used in the operating system command are not taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by modifying the URL address...

CVE-2017-7814

File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise ...

Security vulnerabilities fixed in Firefox 56 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake addre...