
31 matches found

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-3386

Malware in sbrugna...

8.3 CVSS | 8.9 AI score | 0.00572 EPSS
Exploits: 2 | References: 12
OSV
added 2023/06/29 8:21 p.m. | 1 view

CLSA-2023-1688070107 sqlite: Fix of CVE-2020-24736

CVE-2020-24736: internally, remove all references to a Window object that belongs to an expression in an ORDER BY clause if that expression is converted to an alias of a result-set expression...

5.5 CVSS | 6.5 AI score | 0.00031 EPSS
Exploits: 1 | References: 1
OSV
added 2023/06/29 8:3 p.m. | 1 view

CLSA-2023-1688069016 sqlite: Fix of CVE-2020-24736

CVE-2020-24736: internally, remove all references to a Window object that belongs to an expression in an ORDER BY clause if that expression is converted to an alias of a result-set expression...

5.5 CVSS | 6.5 AI score | 0.00031 EPSS
Exploits: 1 | References: 1
SUSE CVE
added 2023/02/15 4:12 a.m. | 1 view

SUSE CVE-2019-11716

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...

8.3 CVSS | 8.2 AI score | 0.00572 EPSS
Exploits: 2 | References: 12
OSV
added 2021/10/15 3:15 p.m. | 0 views

CVE-2021-40728

Adobe Acrobat Reader DC version 21.007.20095 and earlier, 21.007.20096 and earlier, 20.004.30015 and earlier, and 17.011.30202 and earlier is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution...

7.8 CVSS | 7.6 AI score
Exploits: 0 | References: 1
seebug.org
added 2021/03/26 12:0 a.m. | 210 views

Microsoft Windows Local Privilege Escalation Vulnerability (CVE-2021-1732)

CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds. Mar 25, 2021 • iamelli0t. CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year [1][2][3]. This vulnerability exploits a user mode callback opportunity i...

4.6 CVSS | 0.88318 EPSS
Exploits: 21
Veracode
added 2020/09/21 6:39 a.m. | 24 views

Sandbox Bypass

Firefox is vulnerable to sandbox bypass. Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window objec...

8.3 CVSS | 2 AI score | 0.00572 EPSS
Exploits: 2 | References: 7 | Affected Software: 2
exploitpack
added 2019/10/01 12:0 a.m. | 24 views

WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads

WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads VULNERABILITY DETAILS void DocumentWriter::replaceDocumentconst String& source, Document ownerDocument ... beginmframe-document-url, true, ownerDocument; // 1 // begin might fire an unload event, which will result in a situation where...

7.4 AI score
Exploits: 0
0day.today
added 2019/10/01 12:0 a.m. | 51 views

WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads Exploit

VULNERABILITY DETAILS void DocumentWriter::replaceDocumentconst String& source, Document ownerDocument ... beginmframe-document-url, true, ownerDocument; // 1 // begin might fire an unload event, which will result in a situation where no new document has been attached, // and the old document has...

7.4 AI score
Exploits: 0
Prion
added 2019/07/23 2:15 p.m. | 20 views

Design/Logic Flaw

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...

7.5 CVSS | 8.3 AI score | 0.00572 EPSS
Exploits: 2 | References: 7 | Affected Software: 1
Debian CVE
added 2019/07/23 1:18 p.m. | 35 views

CVE-2019-11716

Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...

8.3 CVSS | 9.4 AI score | 0.00572 EPSS
Exploits: 2
Veracode
added 2017/10/06 2:49 p.m. | 5 views

Open Redirect

forkcms is vulnerable to open redirect attacks. The library uses the target='_blank' parameter in its links, granting the linked page partial access to the window.object object, which can then be used to redirect a user to a malicious page...

6.5 AI score
Exploits: 0
Veracode
added 2017/06/28 7:55 a.m. | 10 views

Open Redirect

gatsby is vulnerable to open redirect attacks. The library does not use rel="noopener" when opening an external image link, giving the new page control over the window object via window.opener. This can cause a malicious website to redirect users to a different website...

6.6 AI score
Exploits: 0
Hacker One
added 2016/10/16 9:31 p.m. | 13 views

Brave Software: Denial of service attack(window object) on brave browser

Summary: Hey there, the Brave browser is vulnerable to window object based denial of service attack. The Brave browser fails to sanitize a check when window.close function is called in number of dynamically generated events. The function is called in a suppressed manner and kills the parent wind...

0.7 AI score
Exploits: 0
exploitpack
added 2015/09/22 12:0 a.m. | 20 views

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard MS15-061 Source: https://code.google.com/p/google-security-research/issues/detail?id=294 Platform: Win7 32-bit. trigger.cpp should fire the issue, with a caveat - PoC might NOT work if compiled as a debug build...

0.3 AI score
Exploits: 0
Tenable Nessus
added 2014/02/05 12:0 a.m. | 40 views

Thunderbird < 24.3 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.3 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477 - An error exists related to System...

10 CVSS | 8 AI score | 0.10821 EPSS
Exploits: 9 | References: 16
Mozilla
added 2014/02/04 12:0 a.m. | 52 views

Inconsistent JavaScript handling of access to Window objects — Mozilla

Mozilla developer Boris Zbarsky reported an inconsistency with the different JavaScript engines in how JavaScript native getters on window objects are handled by these engines. This inconsistency can lead to different behaviors in JavaScript code, allowing for a potential security issue with wind...

7.5 CVSS | 8.6 AI score | 0.02581 EPSS
Exploits: 1 | References: 2 | Affected Software: 4
Mozilla
added 2010/10/19 12:0 a.m. | 36 views

Use-after-free error in nsBarProp — Mozilla

Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window's memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property...

9.3 CVSS | 2.5 AI score | 0.0543 EPSS
Exploits: 0 | References: 2 | Affected Software: 3
Debian CVE
added 2010/05/13 10:0 p.m. | 24 views

CVE-2010-1939

Removed by vendor...

7.6 CVSS | 6.7 AI score | 0.64858 EPSS
Exploits: 5
CERT
added 2010/05/10 12:0 a.m. | 67 views

Apple Safari window object invalid pointer vulnerability

Overview Apple Safari contains a vulnerability in the handling of window objects, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Apple Safari fails to properly handle references to window objects. Safari can allow a window object t...

6.2 AI score
Exploits: 0 | References: 1