Lucene search
K

158 matches found

CNVD
CNVD
added 2022/01/26 12:0 a.m.33 views

Google Chrome Resource Management Error Vulnerability (CNVD-2022-15136)

Google Chrome is a web browser from Google, Inc. A resource management error vulnerability exists in Google Chrome that could be exploited by attackers to convince users to engage in specific user interactions that could potentially exploit heap corruption via well-designed HTML pages...

8.8CVSS3.1AI score0.0075EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/19 12:0 a.m.7 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome, which can be exploited by attackers to convince users to engage in specific user interactions to exploit heap corruption via carefully crafted HTML pages...

8.8CVSS8.6AI score0.00877EPSS
Exploits0References12
CNNVD
CNNVD
added 2022/01/19 12:0 a.m.6 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. Google Chrome is vulnerable to a resource management error that could be exploited by attackers to convince users to engage in specific user interactions to exploit heap corruption via carefully designed HTML pages...

8.8CVSS8.3AI score0.0075EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/01/19 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome, which can be exploited by attackers to potentially corrupt the heap through specific user interactions...

8.8CVSS8.6AI score0.00809EPSS
Exploits0References12
Huntr
Huntr
added 2021/07/24 8:39 a.m.11 views

Cross-Site Request Forgery (CSRF) in ampache/ampache

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

1.3AI score
Exploits0
Prion
Prion
added 2021/03/04 3:15 p.m.16 views

Design/Logic Flaw

An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions...

3.5CVSS4.9AI score0.00838EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2021/03/04 3:15 p.m.28 views

CVE-2021-22183

An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions...

5.4CVSS6AI score0.00838EPSS
Exploits0References4
OSV
OSV
added 2021/03/04 3:15 p.m.2 views

UBUNTU-CVE-2021-22183

An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions...

5.4CVSS6AI score0.00838EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/03/04 2:56 p.m.26 views

CVE-2021-22183

An issue has been discovered in GitLab affecting all versions starting with 11.8. GitLab was vulnerable to a stored XSS in the epics page, which could be exploited with user interactions...

4.1CVSS5.1AI score0.00838EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2021/03/04 2:56 p.m.21 views

CVE-2021-22183

Removed by vendor...

5.4CVSS6AI score0.00838EPSS
Exploits0
Hacker One
Hacker One
added 2020/09/17 4:52 p.m.24 views

U.S. Dept Of Defense: RXSS Via URI Path - https://██████████/

Hello All I Found RXSS in your OWN Website Steps To Reproduce Go to This Link https://██████/Orders/A%22onerror='alert%60xElkomy%60'testabcd/Login.aspx?ReturnUrl=/Orders Browsers I test them on Firefox and Google Chrome. Fix:- Filter input on arrival Encode data on output Use appropriate response...

2.2AI score
Exploits0
CNVD
CNVD
added 2020/04/09 12:0 a.m.2 views

Unspecified Vulnerability in IBM Resilient

IBM Resilient is a suite of incident response platforms from IBM in the United States. The platform supports functions such as incident response process orchestration and incident management. A security vulnerability exists in IBM Resilient versions 33.x and 34.0 that stems from the program faili...

6.7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2020/01/28 6:16 p.m.65 views

Ring Doorbell App for Android Caught Sharing User Data with Facebook, Data-Miners

UPDATE Amazon’s Ring Doorbell app for Android is a nexus for data-harvesting, according to an investigation by the Electronic Frontier Foundation EFF. Privacy advocates allege Ring goes so far as to silently deliver updates on Ring customer usage to Facebook, even if the Ring owner doesn’t have a...

Exploits0References6
Exploit DB
Exploit DB
added 2019/04/12 12:0 a.m.1413 views

Microsoft Internet Explorer 11 - XML External Entity Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-v11-XML-EXTERNAL-ENTITY-INJECTION-0DAY.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Internet Explorer v11 latest version...

7AI score
Exploits0
OSV
OSV
added 2018/06/11 9:29 p.m.3 views

DEBIAN-CVE-2017-7752

A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...

8.8CVSS9.1AI score0.02026EPSS
Exploits0References1
Adobe
Adobe
added 2018/04/10 12:0 a.m.28 views

APSB18-15 Security update available for the Adobe PhoneGap Push plugin

Adobe has released an update for the Adobe PhoneGap Push plugin. This update resolves a Same-Origin Method Execution SOME vulnerability CVE-2018-4943 that exists in PhoneGap apps built with the affected version of the Push plugin. This vulnerability could be exploited to trick users of PhoneGap...

8.8CVSS3.8AI score0.0687EPSS
Exploits0Affected Software1
Opera Security Advisories
Opera Security Advisories
added 2012/08/27 12:0 a.m.491 views

Truncated dialogs may be used to trick users

When an important dialog is being displayed, such as a download dialog, the entire dialog should be visible, so that the user can clearly see what the dialog's buttons will do. In some cases, specific user interactions can cause Opera not to enforce this correctly, allowing the window to become...

4.2AI score
Exploits0Affected Software1
Opera Security Advisories
Opera Security Advisories
added 2012/06/12 12:0 a.m.12 views

A combination of clicks and key presses can lead to cross site scripting or code execution – Opera Security Advisories

When a user double clicks on a page, they may expect the two clicks to target the same object. If a page uses the first click to open a pop-up window in a predictable location, the second click may focus parts of the new window, such as its address field. If the page can then convince the user to...

5.3AI score
Exploits0References1
Rows per page
Query Builder