19 matches found
CVE-2026-34001
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
EUVD-1999-0962
Malware in sbrugna...
EUVD-2015-4522
Malware in sbrugna...
CVE-2023-48231
Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in release version...
SUSE CVE-2015-4502
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site...
The vulnerability of the Fly-wm file manager in the Astra Linux operating system allows a hacker to gain unauthorized access to the user’s session, as well as to cause a service failure.
The vulnerability of the Fly-wm file manager in the Astra Linux operating system is related to an error that causes buffer overflows and unauthorized access to a locked user’s session when entering a specially crafted, large-length password. Additionally, there are security issues with the sumac...
Apple Webkit Named Property UXSS
Apple Webkit: UXSS by accessing a named property from an unloaded window CVE-2017-2367 The frame is not detached from an unloaded window. We can access to the new document's named properties via the following function. static bool...
Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window
Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window document auto& htmlDocument = downcastdocument; auto atomicPropertyName = propertyName.publicName; if atomicPropertyName && htmlDocument.hasWindowNamedItematomicPropertyName JSValue namedItem; if...
The vulnerability of Microsoft Edge browser allows a hacker to bypass existing access restrictions policies.
The vulnerability of Microsoft Edge is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to bypass existing policies that restrict access to HTML elements in other browser windows...
The vulnerability of Microsoft Edge browser allows a hacker to bypass existing access restrictions policies.
The vulnerability of Microsoft Edge is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to bypass existing policies that restrict access to HTML elements in other browser windows...
The performance benefits of rel=noopener
If you have links to another origin, you should use rel="noopener", especially if they open in a new tab/window. Example site Without this, the new page can access your window object via window.opener. Thankfully the origin security model of the web prevents it reading your page, but no-thankfull...
CVE-2015-4502
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site...
Design/Logic Flaw
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site...
CVE-2015-4502
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site...
CVE-2015-4502
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site...
UBUNTU-CVE-2015-4502
js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site...
Mozilla Products Multiple Vulnerabilities - 01 - (Mar 2012) - Windows
Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BakBone NetVault 7.1 - Local Privilege Escalation
BakBone NetVault 7.1 - Local Privilege Escalation // ===== Start UnhideNetVaultServiceWindow.c ====== include include int main void HWND hWnd; char szWindowName = "C:\Program Files\BakBone Software\NetVault\bin\nvstatsmngr.exe"; printf "Finding window %s\n", szWindowName ; hWnd = FindWindow...
Microsoft Internet Explorer 5 - IFrame/Frame Cross-Site/Zone Script Execution
source: https://www.securityfocus.com/bid/5672/info When a Microsoft Internet Explorer MSIE window opens another window, security checks should prevent the parent from accessing the child if the latter is of another domain or Security Zone. It has been reported that such checks fails to occur...