Lucene search
K

103 matches found

BDU FSTEC
BDU FSTEC
added 2022/08/29 12:0 a.m.4 views

The vulnerability in the implementation of the Fullscreen API standard for browsers Google Chrome and Microsoft Edge allows a perpetrator to disclose protected information.

The vulnerability of the Fullscreen API implementation in Google Chrome and Microsoft Edge is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability can allow a malicious actor to disclose protected information through a specially created w...

9.4CVSS5.8AI score0.00527EPSS
Exploits0References12Affected Software7
OSV
OSV
added 2022/08/12 8:15 p.m.1 views

DEBIAN-CVE-2022-2612

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

6.5CVSS6.8AI score0.00622EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/08 12:0 a.m.8 views

The vulnerability of Google Chrome browsers, related to the use of memory after it is freed, allows attackers to disclose protected information.

The vulnerability of Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially created web page...

7.8CVSS7.5AI score0.00506EPSS
Exploits0References10Affected Software5
CNVD
CNVD
added 2022/05/26 12:0 a.m.8 views

Google Chrome ANGLE Component Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in the ANGLE component of Google Chrome versions prior to 102.0.5005.61, which stems from a confusion in the instructions responsible for freeing memory in the ANGLE component program. An...

8.8CVSS7.2AI score0.00735EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.7 views

The vulnerability of the Elcomplus SmartPPT SCADA server, related to insufficient verification of the HTTP request source, allows a hacker to execute a CSRF attack.

The vulnerability of the Elcomplus SmartPPT SCADA server is related to insufficient security checks on the HTTP request source. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created web page...

8CVSS7.7AI score0.00344EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.5 views

The vulnerability of Google Chrome’s storage mechanism allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s storage mechanism is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created web page...

10CVSS7.6AI score0.0052EPSS
Exploits1References9Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.7 views

The vulnerability of the software interface of the Background Fetch API in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Background Fetch API programming interface in Google Chrome and Microsoft Edge browsers is related to improperly implemented security checks for standard elements. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected...

9.4CVSS6.8AI score0.00756EPSS
Exploits1References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.8 views

The vulnerability of the Shopping Cart component in Google Chrome and Microsoft Edge browsers allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Shopping Cart component in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created web page...

7.8CVSS7AI score0.0073EPSS
Exploits1References10Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.7 views

Microsoft Edge browser’s vulnerability, related to improper code generation management, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created web page...

8.3CVSS7.8AI score0.01742EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/04/06 12:0 a.m.6 views

Microsoft Edge browser’s vulnerability, related to improper code generation management, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created web page...

8.3CVSS7.8AI score0.01742EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.6 views

The vulnerability of the Accessibility component in Google Chrome browser allows a perpetrator to access confidential information.

The vulnerability of the Accessibility component in Google Chrome browser relates to memory usage after deallocation. Exploiting this vulnerability could allow an attacker to access confidential information through a specially created web page...

7.1CVSS7AI score0.0081EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.8 views

The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code or cause a denial-of-service attack through a specially created web...

10CVSS8.4AI score0.07836EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.7 views

The vulnerability of Windows operating system script handlers allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of Windows operating system script handlers is related to the operation of writing data beyond the buffer boundaries into memory when processing HTML content. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a...

9.3CVSS8AI score0.3067EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/11/23 12:0 a.m.6 views

The vulnerability of the Google Chrome browser’s media component, which allows a hacker to execute arbitrary code.

The vulnerability of the Google Chrome browser’s media component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

10CVSS8.1AI score0.01362EPSS
Exploits1References11Affected Software5
CNVD
CNVD
added 2021/04/21 12:0 a.m.9 views

Mozilla Firefox Resource Management Error Vulnerability (CNVD-2021-36258)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a resource management error vulnerability that can be exploited by an attacker to create a specially crafted web page, trick a victim into visiting the page, and execute...

8.8CVSS7.3AI score0.00816EPSS
Exploits0References1
Gitee
Gitee
added 2021/04/13 7:19 p.m.6 views

Exploit for Improper Input Validation in Google Chrome

PoC exploit for CVE-2020-16040, an out-of-bounds write vulnerability in the WebAssembly WASM engine of various browsers. The exploit targets the WASM engine's handling of large arrays, allowing an attacker to write arbitrary data to the heap. The exploit is implemented in JavaScript, using the...

6.5CVSS9AI score0.99595EPSS
Exploits14
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.7 views

Infraware Polaris ML Report Program Buffer Error Vulnerability

Infraware Polaris ML Report is a web browser based web software from Infraware, Korea that enables compatibility printing reports. A security vulnerability exists in ML Report Program, which originates from a stack-based buffer overflow in the sub41EAF0 function of mlreportdeam .exe. The function...

8.8CVSS7.9AI score0.0074EPSS
Exploits0References2
CNNVD
CNNVD
added 2020/12/04 12:0 a.m.10 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in previous versions of Google Chrome 87.0.4280.88 that originates from reading the web beyond boundaries. A remote attacker can exploit the vulnerability to obtain potentially sensitive information...

8.1CVSS7.3AI score0.0209EPSS
Exploits0References8
OSV
OSV
added 2020/11/13 4:15 p.m.14 views

CVE-2020-25538

An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server...

8.8CVSS7AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/10/07 12:0 a.m.6 views

The vulnerability of the Internet Explorer and Sailfish Browser script handlers, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Internet Explorer script handler arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a specially created web page...

9.3CVSS7.9AI score0.44265EPSS
Exploits4References5Affected Software2
Rows per page
Query Builder