Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2015-6723

Malware in sbrugna...

4.3CVSS8.5AI score0.01721EPSS
Exploits0References16
CNNVD
CNNVD
added 2023/08/24 12:0 a.m.5 views

Skylark Holdings Skylark App 安全漏洞

Skylark Holdings Skylark App is a mobile application from Skylark Holdings, a Japanese company. A security vulnerability exists in Skylark Holdings Skylark App version 6.2.13 and earlier, which stems from not properly restricting the custom URL scheme, allowing an attacker to direct the program t...

4.7CVSS5AI score0.0049EPSS
Exploits0References5
NVD
NVD
added 2015/12/06 1:59 a.m.15 views

CVE-2015-6786

The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy CSP implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a pattern, which allows remote attackers to bypass intended scheme...

4.3CVSS9.2AI score0.01721EPSS
Exploits0References10
NVD
NVD
added 2015/12/06 1:59 a.m.17 views

CVE-2015-6779

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL...

4.3CVSS9AI score0.02025EPSS
Exploits0References9
Prion
Prion
added 2015/12/06 1:59 a.m.18 views

Design/Logic Flaw

The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy CSP implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a pattern, which allows remote attackers to bypass intended scheme...

4.3CVSS6.6AI score0.01721EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2015/12/06 1:0 a.m.16 views

CVE-2015-6786

Removed by vendor...

4.3CVSS8.7AI score0.01721EPSS
Exploits0
CVE
CVE
added 2015/12/06 1:0 a.m.93 views

CVE-2015-6786

CVE-2015-6786 : In Chrome/Chromium, the CSPSourceList::matches function in CSP allowed a wildcard '*' to match blob:, data:, or filesystem: URLs, bypassing CSP scheme restrictions. Affects Google Chrome before 47.0.2526.73 (Chromium upstream); impact is bypass of CSP restrictions in opportunistic...

4.3CVSS8.9AI score0.01721EPSS
Exploits0References10Affected Software1
UbuntuCve
UbuntuCve
added 2015/12/05 12:0 a.m.18 views

CVE-2015-6786

The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy CSP implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a pattern, which allows remote attackers to bypass intended scheme...

4.3CVSS7.1AI score0.01721EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2015/12/03 7:39 p.m.3 views

chromium-browser: Scheme bypass in PDFium

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL...

4.3CVSS7.4AI score0.02025EPSS
Exploits0References5
Rows per page
Query Builder