100 matches found
PT-2024-4375
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 124.0.6367.155 Microsoft Edge affected versions not specified Description The issue is related to a use after free flaw in the ANGLE component, which can be exploited by a remote attacker to potentially corrupt...
The vulnerability in the auth_pic.cgi script of the D-Link DI-7500G-CI router’s microprogramming system allows a hacker to execute arbitrary code.
The vulnerability of the authpic.cgi microprogramming system of D-Link DI-7500G-CI routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a specially created HTML page...
The vulnerability of the Service Worker API in the Google Chrome web browser allows a hacker to execute arbitrary code.
The vulnerability of the Service Worker API in the Google Chrome web browser relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through a specially created HTML page...
SUSE CVE-2023-1230
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2022-4262
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
The vulnerability of the Survey component in the Chrome OS operating system allows a hacker to execute arbitrary code.
The vulnerability of the Survey component in the Chrome OS operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...
Apple多款产品安全特征问题漏洞
Apple tvOS and others are products of Apple Inc.Apple tvOS is an operating system for smart TVs.Apple watchOS is an operating system for smart watches.Apple iPadOS is an operating system for iPad tablets. A vulnerability exists in various Apple products due to a security signature issue, which...
The vulnerability of the Omnibox address bar in Google Chrome allows a hacker to carry out a spoofing attack using a specially created HTML page.
The vulnerability of the Omnibox address bar in Google Chrome exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out spamming attacks using a specially created HTML page...
Vulnerability fixed in Atlassian Jira
A vulnerability has been fixed in Atlassian Jira Server and Jira Data Center. A malicious party could exploit the vulnerability to performing a Cross-Site Scripting XSS attack. A such attack can result in the execution of arbitrary script code in the browser used to visit the application. To do...
Canopy Cross-Site Scripting Vulnerability
CheckSec Canopy is a team collaboration system for cyber security from CheckSec UK. The system includes features such as document management, report generation and management, and schedule management. A cross-site scripting vulnerability exists in versions of CheckSec Canopy prior to 3.5.2, which...
Vulnerability fixed in Apple products
Vulnerabilities have been fixed in several Apple products. The vulnerabilities potentially allow a remote malicious person to able to execute arbitrary code in the context of the application if he manages to get the user to visit a rogue page visit. The vulnerabilities with CVE characteristics...
The vulnerability of Google Chrome’s Skia graphic library allows attackers to perform spoofing attacks.
The vulnerability of Google Chrome’s Skia graphics library is related to implementation errors in standardized security checks. Exploiting this vulnerability allows a malicious actor to carry out spam attacks using a specially created HTML page...
chromium-browser: Incorrect security UI in basic auth
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...
The vulnerability of Google Chrome’s browser, related to memory usage after deallocation, allows attackers to gain unauthorized access to protected information and compromise its integrity and accessibility.
The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and compromise its integrity and availability through a specially created HTML file...
Design/Logic Flaw
Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...
PT-2019-3006 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the Chakra JavaScript engine in Microsoft Edge. This could allow a remote attacker to execute arbitrary code using a...
PT-2019-3254 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling specially crafted embedded fonts in the Windows font library. Exploitation of this issue could allow a remote attacker to execute arbitrary code a...
Unspecified Vulnerability in Sony BRAVIA Smart TVs
Sony BRAVIA Smart TVs is a smart TV from Sony Japan. A security vulnerability exists in Sony BRAVIA Smart TVs. The vulnerability can be exploited by an attacker to cause the TV to jam with the help of a specially crafted web page...