61 matches found
Google Chrome post-release reuse vulnerability (CNVD-2021-43408)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in "Extensions" in Google Chrome versions prior to 91.0.4472.101. No details of the vulnerability are available at this ti...
Google Chrome post-release reuse vulnerability (CNVD-2021-43402)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in "Extensions" in Google Chrome versions prior to 91.0.4472.101. No details of the vulnerability are available at this ti...
Microsoft HEVC Video 安全漏洞
Microsoft HEVC Video Extensions is a video extension application from Microsoft USA. The application enables computers and devices to read High Efficiency Video Coding or HEVC video. A security vulnerability exists in HEVC Video Extensions. The following products and versions are affected: HEVC...
PT-2021-2414 · Microsoft · Hevc Video Extensions
Name of the Vulnerable Software and Affected Versions: HEVC Video Extensions affected versions not specified Description: The issue is related to incorrect code generation management in the HEVC Video Extension codec. Exploitation of this issue may allow an attacker to execute arbitrary code...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome Extensions. An attacker can exploit this vulnerability to bypass security restrictions...
Google Chrome Extension Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome Extensions. An attacker can exploit this vulnerability to bypass security restrictions...
The vulnerability in the loading of Mozilla Firefox browser extensions allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of Mozilla Firefox browser extensions relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by loading a specially created script...
CVE-2020-17110
HEVC Video Extensions Remote Code Execution Vulnerability...
Google Chrome Extensions Security Bypass Vulnerability (CNVD-2019-17514)
Google Chrome is the United States Google Google company's a Web browser. Extensions is one of the open source PDF rendering engine. A security vulnerability exists in Extensions in versions prior to Google Chrome 75.0.3770.80. An attacker can exploit this vulnerability to bypass security...
The vulnerability of the SQL Extensions sub-component of the Oracle Applications Manager component in the Oracle E-Business Suite allows a perpetrator to modify protected data.
The vulnerability of the SQL Extensions component of the Oracle Applications Manager, a business automation system within the Oracle E-Business Suite, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify,...
UBUNTU-CVE-2018-18344
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension...
Google Chrome Request Elevation of Privilege Vulnerability
Google Chrome is a web browser developed by Google, Inc.Extensions is one of the browser extensions. A security vulnerability exists in Extensions in Google Chrome versions prior to 68.0.3440.75. A remote attacker can exploit the vulnerability to gain elevated privileges with the help of a...
Google Chrome Extensions Security Bypass Vulnerability (CNVD-2018-15057)
Google Chrome is a web browser developed by Google, Inc.Extensions is one of the browser extensions. A security vulnerability exists in Extensions in Google Chrome versions prior to 67.0.3396.62. A remote attacker can exploit the vulnerability with the help of a specially crafted website to bypas...
Intel® Software Guard Extensions Elevation of Privilege Vulnerability
Intel® Software Guard Extensions are Intel technologies that application developers are seeking to protect the disclosure or modification of select code and data. An elevation of privilege vulnerability exists in Intel® Software Guard Extensions. Allows an attacker to compromise the security of S...
chromium-browser: address spoofing in omnibox
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...
Google Chrome Content Misreference Vulnerability (CNVD-2016-05596)
Google Chrome is a web browsing tool developed by Google. A memory misreference vulnerability exists in extensions/renderer/userscriptinjector.cc in the Extensions subsystem of Google Chrome prior to version 52.0.2743.82. It could allow a remote attacker to cause a denial of service...
chromium-browser: information leak in extensions
The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions...
chromium-browser: use-after-free in extensions
extensions/renderer/gccallback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...
OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...
php: zend_strndup() NULL pointer dereference may cause DoS
PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...