[Forgot Password]
Login  Register Subscribe

26408

 
 

132812

 
 

151447

 
 

909

 
 

120885

 
 

163

 
 
Paid content will be excluded from the download.

Filter
Matches : 124 Download | Alert*

The host is installed with Google Chrome before 45.0.2454.85 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle crafted data. Successful exploitation could allow remote attackers to execute arbitrary code or crash the service.

The host is installed with Foxit Reader before 9.1.0.5096 or Foxit PhantomPDF before 9.1.0.5096 and is prone to an use-after-free execution vulnerability. A flaw is present in the applications which fails to properly handle iDefense ID V-jyb51g3mv9 component. Successful exploitation allow remote attackers to execute arbitrary code.

The host is installed with Foxit Reader before 9.1.0.5096 or Foxit PhantomPDF before 9.1.0.5096 and is prone to an use-after-free execution vulnerability. A flaw is present in the applications which fails to properly handle iDefense ID V-y0nqfutlf3 component. Successful exploitation allow remote attackers to execute arbitrary code.

Mozilla Firefox 69, Mozilla Firefox ESR 68.1 : If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any <code>javascript:</code> URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions.

The host is installed with PHP and is prone to race condition vulnerability. A flaw is present is in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler has been defined and many concurrent signals are being delivered to it through ext/pcntl leading to a race condition. Successful exploitation allows context-dependent attackers to cause a denial of service (memory corruptio ...

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099.

The host is installed with OpenOffice.org 2.x and 3.x before 3.3 and is prone to denial of service vulnerability. A flaw is present in WW8ListManager::WW8ListManager function of oowriter, which does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document. Successful exploitation may allow a remote unprivileged user to execute ar ...

Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.

intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    ..   12

© SecPod Technologies