CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

CNNVD•added 2023/09/27 12:0 a.m.•2 views

Mozilla Firefox 资源管理错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A post-release use vulnerability exists in Mozilla Firefox ImageBitmap on process shutdown, which can be exploited by a remote attacker to submit a special Web request, tricking the user into parsing i...

9.8CVSS6.6AI score0.00351EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 5:1 a.m.•1 views

SUSE CVE-2016-5145

Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code...

8.8CVSS9AI score0.01001EPSS

Exploits0References7

Veracode•added 2019/05/27 12:39 a.m.•39 views

Information Disclosure

firefox/thunderbird is vulnerable to information disclosure. Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method...

4.3CVSS6.4AI score0.00813EPSS

Exploits0References21Affected Software2

NVD•added 2019/04/26 5:29 p.m.•10 views

CVE-2019-9797

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

5.3CVSS5.3AI score0.0041EPSS

Exploits0References19

AlpineLinux•added 2019/04/26 4:13 p.m.•46 views

CVE-2019-9797

5.3CVSS6.2AI score0.0041EPSS

Exploits0

Debian CVE•added 2019/04/26 4:13 p.m.•17 views

CVE-2019-9797

5.3CVSS7.8AI score0.0041EPSS

Exploits0

Cvelist•added 2018/06/11 9:0 p.m.•16 views

CVE-2017-5428

An integer overflow in "createImageBitmap" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. Thi...

8.9AI score0.00371EPSS

Exploits1References5

RedHat Linux•added 2016/08/09 5:1 a.m.•2 views

chromium-browser: Same origin bypass for images in Blink

8.8CVSS7.4AI score0.01001EPSS

Exploits0References5

OSV•added 2016/08/07 7:59 p.m.•0 views

CVE-2016-5145

8.8CVSS7.3AI score

Exploits0References12

Prion•added 2016/08/07 7:59 p.m.•9 views

Design/Logic Flaw

6.8CVSS6.5AI score0.01001EPSS

Exploits0References12Affected Software1

Debian CVE•added 2016/08/07 7:0 p.m.•20 views

CVE-2016-5145

Removed by vendor...

8.8CVSS9.3AI score0.01001EPSS

Exploits0

CVE•added 2016/08/07 7:0 p.m.•76 views

CVE-2016-5145

Blink vulnerability in CVE-2016-5145 allows a Same Origin Policy bypass: after a structure-clone of an ImageBitmap created from a cross-origin image, a taint property is not preserved, enabling remote JavaScript to exfiltrate or access cross-origin data. Affected software: Google Chrome prior to ...

8.8CVSS8.7AI score0.01001EPSS

Exploits0References12Affected Software1

Cvelist•added 2016/08/07 7:0 p.m.•25 views

CVE-2016-5145

8.8AI score0.01001EPSS

Exploits0References12