CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в chromium

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

8.8CVSS7.1AI score0.00347EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-27630

Malware in sbrugna...

6.5CVSS7.9AI score0.00495EPSS

Exploits1References13

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-3401

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00215EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2920

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00058EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 2:52 a.m.•4 views

CVE-2018-1000177

A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in...

5.4CVSS5.9AI score0.00058EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 3:32 a.m.•1 views

SUSE CVE-2022-3050

Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions...

8.8CVSS9.3AI score0.01087EPSS

Exploits0References5

OSV•added 2022/09/26 4:15 p.m.•1 views

DEBIAN-CVE-2022-3043

Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.2AI score0.01306EPSS

Exploits0References1

OSV•added 2022/09/26 4:15 p.m.•1 views

UBUNTU-CVE-2022-2859

Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions...

8.8CVSS5.8AI score0.01536EPSS

Exploits0References2

OSV•added 2022/09/26 4:15 p.m.•1 views

UBUNTU-CVE-2022-3051

Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions...

8.8CVSS7.5AI score0.01392EPSS

Exploits0References2

OSV•added 2022/08/12 8:15 p.m.•0 views

UBUNTU-CVE-2022-2609

Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions...

8.8CVSS7.3AI score0.01042EPSS

Exploits0References2

Github Security Blog•added 2022/05/14 3:18 a.m.•13 views

Stored XSS vulnerability in Jenkins S3 Publisher Plugin

5.4CVSS5.9AI score0.00058EPSS

Exploits0References3Affected Software1

Github Security Blog•added 2022/05/14 2:57 a.m.•17 views

Stored Cross-Site Scripting Vulnerability in Jenkins Shelve Project Plugin

A cross-site scripting vulnerability exists in Jenkins Shelve Project Plugin 1.5 and earlier in ShelveProjectAction/index.jelly, ShelvedProjectsAction/index.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that...

5.4CVSS5.9AI score0.00058EPSS

Exploits0References3Affected Software1

OSV•added 2022/05/14 2:57 a.m.•15 views

GHSA-7577-F8FP-5977 Stored Cross-Site Scripting Vulnerability in Jenkins Shelve Project Plugin

5.4CVSS5.1AI score0.00058EPSS

Exploits0References2

Github Security Blog•added 2022/05/13 1:1 a.m.•25 views

Improper Neutralization of Input During Web Page Generation in Jenkins

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that other us...

5.4CVSS4.8AI score0.00158EPSS

Exploits0References5Affected Software1

Prion•added 2020/05/21 4:15 a.m.•17 views

Authorization

Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions...

4.3CVSS6.7AI score0.00495EPSS

Exploits1References9Affected Software5

UbuntuCve•added 2020/05/21 4:15 a.m.•19 views

CVE-2020-6480

Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions...

6.5CVSS6.9AI score0.00495EPSS

Exploits1References3

Debian CVE•added 2020/05/21 3:46 a.m.•29 views

CVE-2020-6480

Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions...

6.5CVSS7.4AI score0.00495EPSS

Exploits1

CVE•added 2020/05/21 3:46 a.m.•175 views

CVE-2020-6480

CVE-2020-6480 is documented as an access restriction bypass in Chromium/Google Chrome’s enterprise component, caused by insufficient policy enforcement. The Arch Linux ASA-202005-12 details multiple issues with chromium before 83.0.4103.61-1, including the CVE-2020-6480 bypass of navigation restr...

6.5CVSS6.6AI score0.00495EPSS

Exploits1References9Affected Software1

OSV•added 2018/08/01 1:29 p.m.•10 views

CVE-2018-1999029

5.4CVSS5.9AI score

Exploits0References1

Prion•added 2018/08/01 1:29 p.m.•7 views

Cross site scripting

3.5CVSS5.1AI score0.00058EPSS

Exploits0References1Affected Software1

Rows per page