WebKit - ContainerNode::parserInsertBefore Universal Cross-Site Scripting
WebKit - ContainerNode::parserInsertBefore Universal Cross-Site Scripting Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=1146 https://bugs.chromium.org/p/chromium/issues/detail?id=519558 VULNERABILITY DETAILS From /WebKit/Source/core/dom/ContainerNode.cpp: ---------------- voi...
WebKit - ContainerNode::parserRemoveChild Universal Cross-Site Scripting Exploit
Exploit for multiple platforms in category dos / poc let xml = let p = document.querySelector'p'; let link = p.appendChilddocument.createElement'link'; link.rel = 'stylesheet'; link.href = 'data:,aaaaazxczxczzxzcz'; let btn = document.body.appendChilddocument.createElement'button'; btn.id = 'btn';...
WebKit Patch #1110 Universal Cross Site Scripting
WebKit: UXSS: the patch of 1110 made another bug Here's the patch of 1110. https://trac.webkit.org/changeset/212218/trunk/Source/WebCore/dom/ContainerNode.cpp void ContainerNode::parserRemoveChildNode& oldChild disconnectSubframesIfNeededthis, DescendantsOnly; d = document.querySelector'div'; p =...
WebKit - ContainerNode::parserInsertBefore Universal Cross-Site Scripting Exploit
Exploit for multiple platforms in category dos / poc Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=1146 https://bugs.chromium.org/p/chromium/issues/detail?id=519558 VULNERABILITY DETAILS From /WebKit/Source/core/dom/ContainerNode.cpp: ---------------- void...
WebKit - 'ContainerNode::parserInsertBefore' Universal Cross-Site Scripting
Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=1146 https://bugs.chromium.org/p/chromium/issues/detail?id=519558 VULNERABILITY DETAILS From /WebKit/Source/core/dom/ContainerNode.cpp: ---------------- void ContainerNode::parserInsertBeforePassRefPtrWillBeRawPtr newChild, Node&...
WebKit - 'ContainerNode::parserRemoveChild' Universal Cross-Site Scripting
let xml = let p = document.querySelector'p'; let link = p.appendChilddocument.createElement'link'; link.rel = 'stylesheet'; link.href = 'data:,aaaaazxczxczzxzcz'; let btn = document.body.appendChilddocument.createElement'button'; btn.id = 'btn'; btn.onfocus = = btn.onfocus = null; window.d =...
WebKit - ContainerNode::parserRemoveChild Universal Cross-Site Scripting
WebKit - ContainerNode::parserRemoveChild Universal Cross-Site Scripting let xml = let p = document.querySelector'p'; let link = p.appendChilddocument.createElement'link'; link.rel = 'stylesheet'; link.href = 'data:,aaaaazxczxczzxzcz'; let btn =...
WebKit ContainerNode::parserRemoveChild (2) Universal Cross Site Scripting
WebKit: UXSS via ContainerNode::parserRemoveChild 2 Here's a snippet of ContainerNode::parserRemoveChild. void ContainerNode::parserRemoveChildNode& oldChild disconnectSubframesIfNeededthis, DescendantsOnly; let xml = let p = document.querySelector'p'; let link =...
Chrome Universal XSS via ContainerNode::parserInsertBefore (CVE-2015-6755)
VULNERABILITY DETAILS From /WebKit/Source/core/dom/ContainerNode.cpp: void ContainerNode::parserInsertBeforePassRefPtrWillBeRawPtr newChild, Node& nextChild ... while RefPtrWillBeRawPtr parent = newChild-parentNode parent-parserRemoveChildnewChild; if document != newChild-document document...
Chrome Universal XSS using widget updates in ContainerNode::parserRemoveChild (CVE-2016-1630)
VULNERABILITY DETAILS There are 3 methods where ContainerNode::removeBetween is invoked: 1. ContainerNode::removeChild 2. ContainerNode::parserRemoveChild 3. ContainerNode::removeChildren The calls in 1 and 3 are within the scope of HTMLFrameOwnerElement::UpdateSuspendScope, but 2 is unprotected...
This vulnerability in the Google Chrome browser allows a remote attacker to compromise the confidentiality, integrity, and availability of protected information.
A use-after-free in core/dom/ContainerNode.cpp, within the Document Object Model implementation of Blink in Google Chrome, allows a remote attacker to cause a denial of service or have other unspecified impact on the system by executing a script...
This vulnerability in the Google Chrome browser allows an attacker to bypass existing access restriction policies.
The vulnerability in the ContainerNode::parserRemoveChild function of the Blink engine in Google Chrome stems from an access control deficiency. Exploiting it could allow a remote attacker to bypass existing access control policies (the Same Origin Policy) by using a specially crafted websi...
CVE-2016-1630
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...
Design/Logic Flaw
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...
CVE-2016-1630
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...
CVE-2016-1630
Removed by vendor...
CVE-2016-1630
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...
Google Chrome 'ContainerNode::notifyNodeInsertedInternal' memory misreference vulnerability
No description provided by source...
Google Chrome 'ContainerNode::notifyNodeInsertedInternal' memory misreference vulnerability
Google Chrome is a web browser developed by the American company Google. A memory misreference (use-after-free) vulnerability exists in the 'ContainerNode::notifyNodeInsertedInternal' function in the WebKit/Source/core/dom/ContainerNode.cpp file in the DOM implementation of Google Chrome prior to version...
Design/Logic Flaw
Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via...