CVE-2017-15430

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2017-15430

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2017-15430

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

Input validation

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

UBUNTU-CVE-2017-15430

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2017-15430

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

CVE-2017-15430

CVE-2017-15430 affects the Chromecast plugin in Google Chrome prior to 63.0.3239.84. Root cause: insufficient data validation in the Chromecast plugin. Impact: remote attacker could inject arbitrary scripts/HTML (UXSS) via a crafted HTML page. Public references note the vulnerability in Chrome’s ...

CVE-2017-15430

Removed by vendor...

Multiple Philips Products Incorrectly Validated Vulnerability

Philips PageWriter TC10 Cardiograph and others are different models of electrocardiograph equipment from Philips Netherlands. A security vulnerability exists in a number of Philips products, which stems from the device not validating user-submitted data. An attacker could exploit the vulnerabilit...

EulerOS 2.0 SP3 : gnupg2 (EulerOS-SA-2018-1223)

According to the version of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject...

Amazon Linux 2 : gnupg2 (ALAS-2018-1045)

A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication mechanisms and could ha...

Important: gnupg2

Issue Overview: A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-14280

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-14289

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2018-11622

Summary (CVE-2018-11622) : A boundary/overflow flaw in Foxit Reader’s ConvertToPDF_x86.dll (CVSS up to 8.8) allows a remote attacker to execute arbitrary code after the user visits a malicious page or opens a crafted file. Affected: Foxit Reader on Windows (e.g., versions around 9.0.1.1049 and ea...

chromium-browser: Request privilege escalation in Extensions

Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...

CVE-2018-6154

Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...