[Forgot Password]
Login  Register Subscribe

24003

 
 

131423

 
 

103942

 
 

909

 
 

84080

 
 

133

 
 
Paid content will be excluded from the download.

Filter
Matches : 11085 Download | Alert*

The host is installed with Mozilla Firefox before 48.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to display password data if he could find a way to read the session restoration file.

The host is installed with Mozilla Firefox before 48.0 and is prone to a location bar spoofing vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to perform potential spoofing in the Location bar by using non-ASCII and emoji characters in a data: url's mediatype.

The host is installed with Mozilla Firefox before 48.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to run arbitrary code.

The host is installed with Adobe Digital Editions before 4.5.2 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow attackers to execute arbitrary code.

The host is installed with Silverlight 5 or Silverlight 5 Developer Runtime and is prone to a memory corruption vulnerability. A flaw is present in the application, which improperly allows applications to access objects in memory. An attacker who successfully exploited this vulnerability could corrupt system memory and execute arbitrary code.

Mozilla Firefox before 55.0 :- A content security policy (CSP) frame-ancestors directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information.

Mozilla Firefox before 55.0 :- A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash.

Mozilla Firefox before 55.0 :- JavaScript in the about:webrtc page is not sanitized properly being assigned to innerHTML. Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting (XSS) attack.

Mozilla Firefox before 55.0 :- Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin.

Mozilla Firefox before 55.0 :- On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named "update.log" instead of the one intended.


Pages:      Start    1011    1012    1013    1014    1015    1016    1017    1018    1019    1020    1021    1022    1023    1024    ..   1108

© 2013 SecPod Technologies