Lucene search
K

183 matches found

ubuntucve
ubuntucve
added 2019/09/04 12:0 a.m.36 views

CVE-2019-11741

A compromised sandboxed content process can perform a Universal Cross-site Scripting UXSS attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these site...

6.1CVSS6.6AI score0.00587EPSS
Exploits0References3
cnvd
cnvd
added 2019/07/04 12:0 a.m.2 views

Google Chrome Script Injection Vulnerability (CNVD-2019-21125)

Google Chrome is a web browser from Google, an American company. A script injection vulnerability exists in Google Chromium versions prior to 69.0.3497.81. An attacker can exploit this vulnerability to execute malicious scripts in a user's browser...

5.8CVSS8.8AI score0.00466EPSS
Exploits0References1
nessus
nessus
added 2019/05/13 12:0 a.m.23 views

Rockwell Automation/Allen-Bradley 1768-EWEB Ethernet/IP Enhanced Web Server Module

Binary data 69.prm...

7.3AI score
Exploits0
osv
osv
added 2019/01/09 7:29 p.m.0 views

CVE-2018-16078

Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5CVSS5.8AI score0.01848EPSS
Exploits0References5
osv
osv
added 2019/01/09 7:29 p.m.5 views

UBUNTU-CVE-2018-16071

A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

8.8CVSS7.3AI score0.04798EPSS
Exploits1References3
osv
osv
added 2019/01/09 7:29 p.m.7 views

UBUNTU-CVE-2018-17459

Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

6.5CVSS7AI score0.00985EPSS
Exploits0References2
nessus
nessus
added 2019/01/03 12:0 a.m.39 views

Fedora 28 : chromium (2018-13d8c35127)

Update to Chromium 69. EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives... Fixes a lot of security issues, like every major release of Chromium, including CVE-2018-16087 CVE-2018-16088 CVE-2018-16086CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068...

9.6CVSS6.6AI score0.05264EPSS
Exploits3References27
threatpost
threatpost
added 2018/09/26 2:48 p.m.12 views

Google Vows Privacy Changes in Chrome Browser After User Backlash

Google took steps to quiet critics Wednesday after irking them earlier this week when data privacy issues tied to Chrome 69 came to light. On Sunday, Matthew Green, a cryptographer and professor at Johns Hopkins University, blasted Google for what he said were questionable privacy policies in...

7AI score
Exploits0References17
nessus
nessus
added 2018/09/24 12:0 a.m.48 views

Fedora 27 : chromium (2018-4a16e37c81)

The remote Fedora 27 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2018-4a16e37c81 advisory. Update to Chromium 69. EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives... Fixes a lot of security issues, like...

9.6CVSS7.9AI score0.05264EPSS
Exploits3References59
opensuse
opensuse
added 2018/09/22 9:28 a.m.419 views

Security update for chromium (important)

This update for Chromium to version 69.0.3497.81 fixes multiple issues. Security issues fixed boo1107235: - CVE-2018-16065: Out of bounds write in V8 - CVE-2018-16066:Out of bounds read in Blink - CVE-2018-16067: Out of bounds read in WebAudio - CVE-2018-16068: Out of bounds write in Mojo -...

0.6AI score0.05264EPSS
Exploits3References2
redhat
redhat
added 2018/09/10 9:31 p.m.5 views

chromium-browser: Multiple download restriction bypass

Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

4.3CVSS7.4AI score0.00971EPSS
Exploits0References5
redhat
redhat
added 2018/09/10 9:31 p.m.7 views

chromium-browser: Use after free in WebRTC

A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

8.8CVSS7.4AI score0.04798EPSS
Exploits1References5
redhat
redhat
added 2018/09/10 9:31 p.m.6 views

chromium-browser: Out of bounds write in V8

A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.8AI score0.03239EPSS
Exploits0References5
redhat
redhat
added 2018/09/10 9:31 p.m.5 views

chromium-browser: User gesture requirement bypass

A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page...

6.5CVSS7.5AI score0.01146EPSS
Exploits0References5
cnvd
cnvd
added 2018/09/07 12:0 a.m.6 views

Google Chrome Blink Buffer Overflow Vulnerability (CNVD-2019-03614)

Google Chrome is a web browser developed by Google Inc. Blink is a browser layout engine rendering engine jointly developed by Google Inc. and Opera Software of Norway. A buffer overflow vulnerability exists in Blink in versions of Google Chrome prior to 69.0.3497.81. The vulnerability can be...

6.5CVSS7.5AI score0.01459EPSS
Exploits0References1
cnvd
cnvd
added 2018/09/07 12:0 a.m.2 views

Google Chrome DevTools Information Disclosure Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. Devtools is one of the development and debugging tools. An information disclosure vulnerability exists in DevTools in versions of Google Chrome prior to 69.0.3497.81. A remote attacker can exploit the vulnerability ...

7.4CVSS7.5AI score0.01064EPSS
Exploits0References1
cnvd
cnvd
added 2018/09/07 12:0 a.m.3 views

Google Chrome WebRTC Buffer Overflow Vulnerability

Google Chrome is a web browser developed by Google, Inc. WebRTC is a component of the browser that supports real-time voice or video conversations. A buffer overflow vulnerability exists in WebRTC in Google Chrome versions prior to 69.0.3497.81. An attacker can exploit the vulnerability to obtain...

8.8CVSS8.8AI score0.05264EPSS
Exploits1References1
cnvd
cnvd
added 2018/09/07 12:0 a.m.3 views

Google Chrome URL Spoofing Vulnerability (CNVD-2018-22398)

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the full-screen mode in Google Chrome versions prior to 69.0.3497.81. A remote attacker can exploit the vulnerability to forge URLs...

6.5CVSS7.2AI score0.01363EPSS
Exploits0References1
threatpost
threatpost
added 2018/09/05 6:34 p.m.31 views

Google Rolls Out 40 Fixes with Chrome 69

Google has officially lifted the curtain on Chrome 69 for Windows, Mac and Linux this week. The tech giant’s latest browser version comes loaded with new security features and a slew of patches. Overall, the update included 40 security fixes. Several of those were rated “high,” including five...

6.8CVSS7.6AI score0.04798EPSS
Exploits2References6
nvd
nvd
added 2018/07/03 2:29 p.m.11 views

CVE-2018-4853

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to port 69/udp could modify the firmware of the device...

10CVSS9.3AI score0.02296EPSS
Exploits0References2
Rows per page
Query Builder