[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146396

 
 

909

 
 

117043

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 781 Download | Alert*

Security researcher Cody Crews reported a method to bypass System Only Wrappers (SOW) by using XML Binding Language (XBL) content scopes to clone protected XUL elements. This could be used to clone anonymous nodes, making trusted XUL content web accessible.

Fredrik "Flonka" Lnnqvist discovered an issue with image decoding in RasterImage caused by continued use of discarded images. This could allow for the writing to unowned memory and a potentially exploitable crash.

Security researcher Arthur Gerkis , via TippingPoint"s Zero Day Initiative, reported a use-after-free during image processing from sites with specific content types in concert with the imgRequestProxy function. This causes a potentially exploitable crash.

Security researcher Masato Kinugawa reported a cross-origin information leak through web workers" error messages. This violates same-origin policy and the leaked information could potentially be used to gather authentication tokens and other data from third-party websites.

Mozilla developer Boris Zbarsky reported an inconsistency with the different JavaScript engines in how JavaScript native getters on window objects are handled by these engines. This inconsistency can lead to different behaviors in JavaScript code, allowing for a potential security issue with window handling by bypassing of some security checks.

The host is missing a security update according to Apple advisory, APPLE-SA-2017-12-13-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successful exploitation could allow attackers to execute an arbitrary code or track an user in a privileged network session.

The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successful exploitation could allow attackers to execute an arbitrary code or track an user in a privileged ...

The host is missing a security update according to Apple advisory, APPLE-SA-2018-1-23-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to execute an arbitrary code or track an user in a privileged network session.

The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to execute an arbitrary code or track an user in a privileged network session.

The host is missing an important security update according to Microsoft security bulletin, MS13-054. The update is required to fix multiple vulnerabilities. The flaws are present in the Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, which fail to handle a specially crafted TTF file. Successful exploitation coul ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   78

© SecPod Technologies