Lucene search
K

9802 matches found

UbuntuCve
UbuntuCve
added 2010/06/15 6:0 p.m.27 views

CVE-2010-2300

Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to handlers for DOM mutation...

10CVSS7.6AI score0.08919EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2010/06/15 6:0 p.m.37 views

CVE-2010-2296

The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...

9.3CVSS5.9AI score0.01528EPSS
Exploits0References1
Prion
Prion
added 2010/06/15 6:0 p.m.24 views

Memory corruption

Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to handlers for DOM mutation...

10CVSS7.6AI score0.15733EPSS
Exploits6References7Affected Software1
Prion
Prion
added 2010/06/15 6:0 p.m.23 views

Information disclosure

The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...

9.3CVSS6.7AI score0.01528EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2010/06/15 6:0 p.m.25 views

Design/Logic Flaw

Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE:...

10CVSS8AI score0.06346EPSS
Exploits0References7Affected Software4
Cvelist
Cvelist
added 2010/06/15 5:48 p.m.25 views

CVE-2010-2300

Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via vectors related to handlers for DOM mutation...

8.7AI score0.08919EPSS
Exploits0References7
Cvelist
Cvelist
added 2010/06/15 5:48 p.m.27 views

CVE-2010-2302

Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE:...

8.8AI score0.02981EPSS
Exploits0References7
CVE
CVE
added 2010/06/15 5:48 p.m.55 views

CVE-2010-2296

Google Chrome before 5.0.375.70 is affected by CVE-2010-2296 due to the implementation of unspecified DOM methods that can bypass the Same Origin Policy via unknown vectors. The vulnerability enables remote attackers to circumvent SOP, with impact described as complete confidentiality/integrity/a...

9.3CVSS8.3AI score0.01528EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2010/06/15 5:48 p.m.83 views

CVE-2010-2302

CVE-2010-2302 is a use-after-free in WebKit’s WebCore affecting Google Chrome prior to 5.0.375.70. The flaw involves remote fonts used with shadow DOM trees and can cause memory corruption, leading to a denial of service or potential arbitrary code execution. Affected component: WebKit/WebCore in...

10CVSS8.7AI score0.02981EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2010/06/15 5:48 p.m.56 views

CVE-2010-2300

CVE-2010-2300 is a use-after-free vulnerability in WebKit’s WebCore (Element::normalizeAttributes in dom/Element.cpp) affecting Google Chrome builds prior to 5.0.375.70. The issue can lead to remote code execution or memory corruption via DOM mutation-event handling vectors, per the description. ...

10CVSS8.6AI score0.08919EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2010/06/15 5:48 p.m.31 views

CVE-2010-2300

Removed by vendor...

10CVSS8.4AI score0.08919EPSS
Exploits0
Debian CVE
Debian CVE
added 2010/06/15 5:48 p.m.27 views

CVE-2010-2296

Removed by vendor...

9.3CVSS6.7AI score0.01528EPSS
Exploits0
NVD
NVD
added 2010/06/11 7:30 p.m.18 views

CVE-2010-1758

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...

9.3CVSS8.8AI score0.06698EPSS
Exploits0References24
Prion
Prion
added 2010/06/11 7:30 p.m.24 views

Design/Logic Flaw

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...

9.3CVSS8AI score0.06698EPSS
Exploits0References24Affected Software1
UbuntuCve
UbuntuCve
added 2010/06/11 7:30 p.m.42 views

CVE-2010-1758

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...

9.3CVSS7.5AI score0.06698EPSS
Exploits0References2
EUVD
EUVD
added 2010/06/11 7:0 p.m.4 views

EUVD-2010-1778

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving DOM Range objects...

9.3CVSS8.7AI score0.06698EPSS
Exploits0References25
CVE
CVE
added 2010/06/11 7:0 p.m.72 views

CVE-2010-1758

CVE-2010-1758 is a use-after-free vulnerability in WebKit affecting Safari up to version 5.x (Mac OS X 10.5–10.6) and Windows, and WebKit on Mac OS X 10.4. The issue arises from DOM Range handling and can lead to remote code execution or application crashes. Connected documents confirm related We...

9.3CVSS8.7AI score0.06698EPSS
Exploits0References24Affected Software2
Debian CVE
Debian CVE
added 2010/06/11 7:0 p.m.28 views

CVE-2010-1758

Removed by vendor...

9.3CVSS8.4AI score0.06698EPSS
Exploits0
NVD
NVD
added 2010/06/11 6:0 p.m.12 views

CVE-2010-1414

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the removeChild DOM method...

9.3CVSS8.7AI score0.06698EPSS
Exploits0References24
NVD
NVD
added 2010/06/11 6:0 p.m.22 views

CVE-2010-1395

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issu...

4.3CVSS6.8AI score0.02933EPSS
Exploits0References21
Rows per page
Query Builder