Lucene search
K

100 matches found

Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.9 views

PT-2024-4375

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 124.0.6367.155 Microsoft Edge affected versions not specified Description The issue is related to a use after free flaw in the ANGLE component, which can be exploited by a remote attacker to potentially corrupt...

10CVSS9.3AI score0.99735EPSS
Exploits140References1422
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.7 views

The vulnerability in the auth_pic.cgi script of the D-Link DI-7500G-CI router’s microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the authpic.cgi microprogramming system of D-Link DI-7500G-CI routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading a specially created HTML page...

5.8CVSS6.4AI score0.0063EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/02 12:0 a.m.7 views

The vulnerability of the Service Worker API in the Google Chrome web browser allows a hacker to execute arbitrary code.

The vulnerability of the Service Worker API in the Google Chrome web browser relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through a specially created HTML page...

10CVSS8.4AI score0.01059EPSS
Exploits0References15Affected Software5
SUSE CVE
SUSE CVE
added 2023/03/09 3:53 a.m.5 views

SUSE CVE-2023-1230

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS8.4AI score0.00266EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.3 views

SUSE CVE-2022-4262

Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.2AI score0.16109EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2022/10/31 12:0 a.m.8 views

The vulnerability of the Survey component in the Chrome OS operating system allows a hacker to execute arbitrary code.

The vulnerability of the Survey component in the Chrome OS operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

10CVSS8.1AI score0.00508EPSS
Exploits0References6Affected Software5
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.3 views

Apple多款产品安全特征问题漏洞

Apple tvOS and others are products of Apple Inc.Apple tvOS is an operating system for smart TVs.Apple watchOS is an operating system for smart watches.Apple iPadOS is an operating system for iPad tablets. A vulnerability exists in various Apple products due to a security signature issue, which...

6.5CVSS6.7AI score0.01495EPSS
Exploits0References21
BDU FSTEC
BDU FSTEC
added 2022/01/10 12:0 a.m.5 views

The vulnerability of the Omnibox address bar in Google Chrome allows a hacker to carry out a spoofing attack using a specially created HTML page.

The vulnerability of the Omnibox address bar in Google Chrome exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to carry out spamming attacks using a specially created HTML page...

6.5CVSS7.1AI score0.0104EPSS
Exploits0References4Affected Software4
NCSC
NCSC
added 2022/01/05 12:0 a.m.4 views

Vulnerability fixed in Atlassian Jira

A vulnerability has been fixed in Atlassian Jira Server and Jira Data Center. A malicious party could exploit the vulnerability to performing a Cross-Site Scripting XSS attack. A such attack can result in the execution of arbitrary script code in the browser used to visit the application. To do...

6.1CVSS6.2AI score0.55364EPSS
Exploits0
CNVD
CNVD
added 2021/06/24 12:0 a.m.9 views

Canopy Cross-Site Scripting Vulnerability

CheckSec Canopy is a team collaboration system for cyber security from CheckSec UK. The system includes features such as document management, report generation and management, and schedule management. A cross-site scripting vulnerability exists in versions of CheckSec Canopy prior to 3.5.2, which...

4.8CVSS6.2AI score0.00836EPSS
Exploits1References1
NCSC
NCSC
added 2021/05/04 12:0 a.m.3 views

Vulnerability fixed in Apple products

Vulnerabilities have been fixed in several Apple products. The vulnerabilities potentially allow a remote malicious person to able to execute arbitrary code in the context of the application if he manages to get the user to visit a rogue page visit. The vulnerabilities with CVE characteristics...

8.8CVSS7.4AI score0.04528EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.7 views

The vulnerability of Google Chrome’s Skia graphic library allows attackers to perform spoofing attacks.

The vulnerability of Google Chrome’s Skia graphics library is related to implementation errors in standardized security checks. Exploiting this vulnerability allows a malicious actor to carry out spam attacks using a specially created HTML page...

4.3CVSS6.6AI score0.00845EPSS
Exploits0References15Affected Software7
RedHat Linux
RedHat Linux
added 2020/08/10 6:40 a.m.3 views

chromium-browser: Incorrect security UI in basic auth

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS7.4AI score0.01505EPSS
Exploits0References5
OSV
OSV
added 2020/07/22 5:15 p.m.6 views

CVE-2020-6506

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page...

6.5CVSS6.7AI score
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.5 views

The vulnerability of Google Chrome’s browser, related to memory usage after deallocation, allows attackers to gain unauthorized access to protected information and compromise its integrity and accessibility.

The vulnerability of Google Chrome relates to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and compromise its integrity and availability through a specially created HTML file...

9.3CVSS7.3AI score0.01457EPSS
Exploits1References11Affected Software5
Prion
Prion
added 2019/11/25 3:15 p.m.25 views

Design/Logic Flaw

Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

2.6CVSS4.5AI score0.00839EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/09/02 12:0 a.m.6 views

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to errors in memory object handling. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

4.2CVSS6AI score0.01883EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.3 views

PT-2019-3006 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the Chakra JavaScript engine in Microsoft Edge. This could allow a remote attacker to execute arbitrary code using a...

7.6CVSS8.5AI score0.01883EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.3 views

PT-2019-3254 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling specially crafted embedded fonts in the Windows font library. Exploitation of this issue could allow a remote attacker to execute arbitrary code a...

10CVSS8.5AI score0.29051EPSS
Exploits0References10
CNVD
CNVD
added 2019/07/11 12:0 a.m.6 views

Unspecified Vulnerability in Sony BRAVIA Smart TVs

Sony BRAVIA Smart TVs is a smart TV from Sony Japan. A security vulnerability exists in Sony BRAVIA Smart TVs. The vulnerability can be exploited by an attacker to cause the TV to jam with the help of a specially crafted web page...

7.8CVSS6.8AI score0.03541EPSS
Exploits2References1
Rows per page
Query Builder