34 matches found
EUVD-2026-16917
A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...
CVE-2026-4995
wandb OpenUI up to version 1.0 is affected. The vulnerability targets the Window Message Event Handler in frontend/public/annotator/index.html, enabling cross-site scripting. Exploitation can be performed remotely, and the exploit has been publicly disclosed. The vendor was contacted early but di...
CVE-2026-4995 wandb OpenUI Window Message Event index.html cross site scripting
A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...
CVE-2026-4995 wandb OpenUI Window Message Event index.html cross site scripting
A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...
PT-2026-28713
Name of the Vulnerable Software and Affected Versions wandb OpenUI versions up to 1.0 Description A cross site scripting issue exists in the file frontend/public/annotator/index.html of the Window Message Event Handler component. This manipulation can be initiated remotely and the exploit has bee...
CVE-2026-2345
Proctorio Chrome Extension is a browser extension used for online proctoring. The extension contains multiple window.addEventListener'message', ... handlers that do not properly validate the origin of incoming messages. Specifically, an internal messaging bridge processes messages based solely on...
CVE-2026-2345
Proctorio Chrome Extension is a browser extension used for online proctoring. The extension contains multiple window.addEventListener'message', ... handlers that do not properly validate the origin of incoming messages. Specifically, an internal messaging bridge processes messages based solely on...
CVE-2023-5654
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...
WindowHistory Tool
Created Date: 03/22/2006 Updated Date: 09/29/2017 Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools Navigate to your platform: WindowHistory64 4.0 for x64 Platforms| WindowHistory 4.0 for...
Race condition
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentication. The PSFTPd server did not automatically restart, which enabled attackers to perform a very effective DoS attack against this service. By...
Microsoft Edge Security Mechanism Bypass Vulnerability
Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security mechanism bypass vulnerability exists in Microsoft Edge mishandles exceptions during window-message dispatch operations, allowing remote attackers to...
Security feature bypass
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."...
CVE-2016-0080
Microsoft Edge mishandles exceptions during window-message dispatch operations, which allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge ASLR Bypass."...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (8)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (5)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (7)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (6)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (4)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...