Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in poppler-22, poppler

In Poppler 22.07.0, the PDFDoc::savePageAs function in PDFDoc.c allows attackers to cause a denial-of-service attack the application crashes with SIGABRT by manipulating a PDF file in which the xref data structure is improperly handled during the getCatalog process. Note that this vulnerability i...

6.5CVSS6.7AI score0.00921EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5166

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

3.1CVSS8.7AI score0.0126EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.4 views

SUSE CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

6.1CVSS8.3AI score0.01406EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.4 views

The vulnerability of the WebBrowserPersist component in the Firefox browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the WebBrowserPersist component in the Firefox browser is related to errors that occur when executing the “Save Page As…” function. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

7.8CVSS7.1AI score0.01406EPSS
Exploits0References6Affected Software3
RedhatCVE
RedhatCVE
added 2019/04/04 8:20 a.m.22 views

CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

6.5CVSS2.4AI score0.01406EPSS
Exploits0References2
OSV
OSV
added 2019/02/28 6:29 p.m.4 views

CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

6.5CVSS7.4AI score0.01406EPSS
Exploits0References6
Prion
Prion
added 2019/02/28 6:29 p.m.14 views

Design/Logic Flaw

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

4.3CVSS7.1AI score0.01406EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2019/02/28 6:0 p.m.18 views

CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

7.2AI score0.01406EPSS
Exploits0References6
OSV
OSV
added 2018/10/24 12:0 a.m.2 views

UBUNTU-CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

6.5CVSS7AI score0.01406EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/09/12 7:39 p.m.7 views

chromium-browser: smb relay attack via save page as

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

3.1CVSS7.4AI score0.0126EPSS
Exploits0References5
OSV
OSV
added 2016/09/11 10:59 a.m.3 views

CVE-2016-5166

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

3.1CVSS6.8AI score0.0126EPSS
Exploits0References12
OSV
OSV
added 2016/09/11 10:59 a.m.4 views

UBUNTU-CVE-2016-5166

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

3.1CVSS6.8AI score0.0126EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/09/05 12:0 a.m.40 views

Debian Security Advisory DSA 3660-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5147 A cross-site scripting issue was discovered. CVE-2016-5148 Another cross-site scripting issue was discovered. CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling. CVE-2016-5150 ...

7.5CVSS0.1AI score0.04702EPSS
Exploits0References1
OSV
OSV
added 2016/09/05 12:0 a.m.45 views

DSA-3660-1 chromium-browser - security update

Bulletin has no description...

8.8CVSS6.8AI score0.04702EPSS
Exploits0
Rows per page
Query Builder