Lucene search
K

58 matches found

Positive Technologies
Positive Technologies
added 2022/09/21 12:0 a.m.3 views

PT-2022-25414 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.3.0 through 2.3.4 Description: The issue concerns a part of a URL that was unnecessarily formatted, allowing for possible information extraction. Recommendations: For Apache Airflow versions 2.3.0 through 2.3.4, upda...

8.7CVSS6.5AI score0.01573EPSS
Exploits0References15
OSV
OSV
added 2022/09/13 6:15 p.m.9 views

CVE-2022-32190

JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath"https://go.dev", "../go" returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result...

7.5CVSS7.5AI score
Exploits0References4
CNNVD
CNNVD
added 2022/08/06 12:0 a.m.7 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 103.0.5060.134, which stemmed from an improperly implemented vulnerability in URL formatting...

6.5CVSS6.4AI score0.0048EPSS
Exploits1References5
OSV
OSV
added 2022/07/28 1:15 a.m.3 views

UBUNTU-CVE-2022-2165

Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

4.3CVSS5.8AI score0.00724EPSS
Exploits0References2
CVE
CVE
added 2022/07/28 12:41 a.m.212 views

CVE-2022-2165

CVE-2022-2165 — Summary : The connected sources confirm a vulnerability in Google Chrome (desktop) stemming from insufficient data validation in URL formatting, enabling domain spoofing via IDN homographs with a crafted domain name. The issue affects Chrome up to version 103.0.5060.53 and is addr...

4.3CVSS5AI score0.00724EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/22 12:0 a.m.4 views

PT-2023-4307 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 103.0.5060.134 Description: The issue is related to an inappropriate implementation in URL formatting, which can be exploited by a remote attacker to perform domain spoofing via a crafted HTML page. This can be...

8.8CVSS6.1AI score0.17864EPSS
Exploits1References33
OPENSUSE Linux
OPENSUSE Linux
added 2022/06/29 12:0 a.m.47 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10035-1 Rating: important References: 1200783 Cross-References: CVE-2022-2156 CVE-2022-2157 CVE-2022-2158 CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164 CVE-2022-2165 Affected Products:...

8.8CVSS8.3AI score0.01312EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/06/27 12:0 a.m.37 views

Mageia: Security Advisory (MGASA-2022-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.01312EPSS
Exploits1References5
Microsoft CVE
Microsoft CVE
added 2022/06/23 7:0 a.m.71 views

Chromium: CVE-2022-2165 Insufficient data validation in URL formatting

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS6AI score0.00724EPSS
Exploits0
Kitploit
Kitploit
added 2021/10/29 8:30 p.m.111 views

Scarce-Apache2 - A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public

This tool can scan websites with CVE-2021-41773 Vulnerability that are affecting Apache2 Webserver, ScaRCE can run too for executing Remote Command Injections at the webservers that found from the scanning method Only if the MODCGI is Enabled at the targeted webserver. This tool works with the...

7.5CVSS9.5AI score0.99992EPSS
Exploits151References1
Tenable Nessus
Tenable Nessus
added 2021/04/07 12:0 a.m.60 views

Debian DSA-4886-1 : chromium - security update

Several vulnerabilites have been discovered in the chromium web browser. - CVE-2021-21159 Khalil Zhani discovered a buffer overflow issue in the tab implementation. - CVE-2021-21160 Marcin Noga discovered a buffer overflow issue in WebAudio. - CVE-2021-21161 Khalil Zhani discovered a buffer...

8.8CVSS7.9AI score0.26525EPSS
Exploits26References83
CVE
CVE
added 2021/03/09 5:46 p.m.198 views

CVE-2021-21187

CVE-2021-21187 is a Chromium/Google Chrome URL formatting vulnerability caused by insufficient data validation in the URL formatting code. It allows a remote attacker to perform domain spoofing via IDN homographs when a crafted domain name is used, with impact described as spoofing and potential ...

4.3CVSS5AI score0.01451EPSS
Exploits0References7Affected Software1
Kaspersky
Kaspersky
added 2021/03/04 12:0 a.m.47 views

KLA12107 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An...

8.8CVSS9.6AI score0.26525EPSS
Exploits24References36
CNVD
CNVD
added 2021/03/03 12:0 a.m.6 views

Google Chrome URL Formatting Security Bypass Vulnerability

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome URL formatting. An attacker can exploit this vulnerability to bypass security restrictions...

4.3CVSS6.2AI score0.01451EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/03 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome URL formatting. An attacker can exploit this vulnerability to bypass security restrictions...

4.3CVSS8.4AI score0.01451EPSS
Exploits0References11
Kaspersky
Kaspersky
added 2021/03/02 12:0 a.m.476 views

KLA12106 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A heap buff...

8.8CVSS9.3AI score0.26525EPSS
Exploits25References4
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.43 views

RHEL 6 : chromium-browser (RHSA-2020:2544)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2544 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 83.0.4103.97. Security Fixes:...

9.6CVSS7.2AI score0.06414EPSS
Exploits13References62
NVD
NVD
added 2020/05/21 4:15 a.m.14 views

CVE-2020-6481

Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name...

6.5CVSS6.8AI score0.01539EPSS
Exploits0References9
Prion
Prion
added 2020/05/21 4:15 a.m.22 views

Design/Logic Flaw

Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name...

4.3CVSS6.6AI score0.01539EPSS
Exploits0References9Affected Software5
Prion
Prion
added 2020/05/21 4:15 a.m.25 views

Input validation

Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name...

4.3CVSS6.4AI score0.00887EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder