CVE-2016-9897

Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...

UBUNTU-CVE-2016-9897

Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...

DEBIAN-CVE-2016-6628

An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

Default credentials

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

UBUNTU-CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

UBUNTU-CVE-2016-6628

An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...

Microsoft Internet Explorer 9 MSHTML - CDisp­Node::Insert­Sibling­Node Use-After-Free (MS13-037) (1)

Exploit for windows platform in category dos / poc window.onload=functionlocation.reload;; text .float float:left; .zoom zoom:3000%; .border::first-let...

ALPINE-CVE-2016-9106

Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...

CVE-2016-9106

Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...

CVE-2016-9106

Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...

Memory corruption

Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...

CVE-2016-9106

Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...

CVE-2016-9106

Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...

chromium-browser: universal xss in blink

Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

Google Chrome SVG Same-Origin Bypass Vulnerability

Google Chrome is a web browser developed by the American company Google Google. A same-origin bypass vulnerability exists in Google Chrome SVG. An attacker can exploit this vulnerability to bypass the same-origin policy...

Microsoft Edge - CBase­Scriptable::Private­Query­Interface Memory Corruption (MS16-068)

Source: http://blog.skylined.nl/20161205001.html Synopsis A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge. I did not investigate this vulnerability thoroughly, so I cannot speculate on the potential impact or exploitability. Known affected software and...

Mozilla Firefox URL Redirection Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A remote URL redirection vulnerability exists in Mozilla Firefox. An attacker can exploit this vulnerability by constructing a malicious URL to trick users into clicking on a link and being...