Lucene search
K

61 matches found

CNVD
CNVD
added 2021/06/11 12:0 a.m.7 views

Google Chrome post-release reuse vulnerability (CNVD-2021-43408)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in "Extensions" in Google Chrome versions prior to 91.0.4472.101. No details of the vulnerability are available at this ti...

8.8CVSS6.1AI score0.01101EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/11 12:0 a.m.5 views

Google Chrome post-release reuse vulnerability (CNVD-2021-43402)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in "Extensions" in Google Chrome versions prior to 91.0.4472.101. No details of the vulnerability are available at this ti...

8.8CVSS6.1AI score0.00977EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.7 views

Microsoft HEVC Video 安全漏洞

Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC video. A security vulnerability exists in HEVC Video Extensions. The following products and versions are affected: HEVC...

7.8CVSS7.3AI score0.03899EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/03/09 12:0 a.m.4 views

PT-2021-2414 · Microsoft · Hevc Video Extensions

Name of the Vulnerable Software and Affected Versions: HEVC Video Extensions affected versions not specified Description: The issue is related to incorrect code generation management in the HEVC Video Extension codec. Exploitation of this issue may allow an attacker to execute arbitrary code...

7.8CVSS7.6AI score0.04953EPSS
Exploits0References11
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome Extensions. An attacker can exploit this vulnerability to bypass security restrictions...

4.3CVSS8.4AI score0.01311EPSS
Exploits1References11
CNVD
CNVD
added 2021/03/03 12:0 a.m.7 views

Google Chrome Extension Security Bypass Vulnerability

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome Extensions. An attacker can exploit this vulnerability to bypass security restrictions...

4.3CVSS6.2AI score0.01311EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/01/28 12:0 a.m.5 views

The vulnerability in the loading of Mozilla Firefox browser extensions allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Mozilla Firefox browser extensions relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by loading a specially created script...

7.8CVSS7.4AI score0.01679EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2020/11/11 7:15 a.m.6 views

CVE-2020-17110

HEVC Video Extensions Remote Code Execution Vulnerability...

7.8CVSS7.2AI score0.03735EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/10 12:0 a.m.2 views

Google Chrome Extensions Security Bypass Vulnerability (CNVD-2019-17514)

Google Chrome is the United States Google Google company's a Web browser. Extensions is one of the open source PDF rendering engine. A security vulnerability exists in Extensions in versions prior to Google Chrome 75.0.3770.80. An attacker can exploit this vulnerability to bypass security...

4.3CVSS8.7AI score0.00785EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/02/21 12:0 a.m.3 views

The vulnerability of the SQL Extensions sub-component of the Oracle Applications Manager component in the Oracle E-Business Suite allows a perpetrator to modify protected data.

The vulnerability of the SQL Extensions component of the Oracle Applications Manager, a business automation system within the Oracle E-Business Suite, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify,...

5CVSS6AI score0.01192EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/12/11 4:29 p.m.4 views

UBUNTU-CVE-2018-18344

Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension...

6.5CVSS7AI score0.01498EPSS
Exploits0References2
CNVD
CNVD
added 2018/07/25 12:0 a.m.6 views

Google Chrome Request Elevation of Privilege Vulnerability

Google Chrome is a web browser developed by Google, Inc.Extensions is one of the browser extensions. A security vulnerability exists in Extensions in Google Chrome versions prior to 68.0.3440.75. A remote attacker can exploit the vulnerability to gain elevated privileges with the help of a...

7.4AI score
Exploits0References1
CNVD
CNVD
added 2018/06/06 12:0 a.m.6 views

Google Chrome Extensions Security Bypass Vulnerability (CNVD-2018-15057)

Google Chrome is a web browser developed by Google, Inc.Extensions is one of the browser extensions. A security vulnerability exists in Extensions in Google Chrome versions prior to 67.0.3396.62. A remote attacker can exploit the vulnerability with the help of a specially crafted website to bypas...

8.1CVSS8.3AI score0.00632EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/27 12:0 a.m.4 views

Intel® Software Guard Extensions Elevation of Privilege Vulnerability

Intel® Software Guard Extensions are Intel technologies that application developers are seeking to protect the disclosure or modification of select code and data. An elevation of privilege vulnerability exists in Intel® Software Guard Extensions. Allows an attacker to compromise the security of S...

9.3CVSS9.2AI score0.01439EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/12/07 7:8 p.m.5 views

chromium-browser: address spoofing in omnibox

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

6.5CVSS7.4AI score0.0123EPSS
Exploits0References5
CNVD
CNVD
added 2016/07/27 12:0 a.m.2 views

Google Chrome Content Misreference Vulnerability (CNVD-2016-05596)

Google Chrome is a web browsing tool developed by Google. A memory misreference vulnerability exists in extensions/renderer/userscriptinjector.cc in the Extensions subsystem of Google Chrome prior to version 52.0.2743.82. It could allow a remote attacker to cause a denial of service...

8.8CVSS8.9AI score0.01381EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/06/01 10:50 a.m.4 views

chromium-browser: information leak in extensions

The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions...

6.5CVSS7.4AI score0.01445EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/05/02 12:36 p.m.7 views

chromium-browser: use-after-free in extensions

extensions/renderer/gccallback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

10CVSS7.7AI score0.03881EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/10/17 4:4 p.m.11 views

OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

7.6CVSS7.4AI score0.04826EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/06/27 3:44 p.m.5 views

php: zend_strndup() NULL pointer dereference may cause DoS

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

5CVSS7.5AI score0.122EPSS
Exploits9References4
Rows per page
Query Builder