103 matches found
The vulnerability in the implementation of the Fullscreen API standard for browsers Google Chrome and Microsoft Edge allows a perpetrator to disclose protected information.
The vulnerability of the Fullscreen API implementation in Google Chrome and Microsoft Edge is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability can allow a malicious actor to disclose protected information through a specially created w...
DEBIAN-CVE-2022-2612
Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...
The vulnerability of Google Chrome browsers, related to the use of memory after it is freed, allows attackers to disclose protected information.
The vulnerability of Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information through a specially created web page...
Google Chrome ANGLE Component Memory Misreference Vulnerability
Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in the ANGLE component of Google Chrome versions prior to 102.0.5005.61, which stems from a confusion in the instructions responsible for freeing memory in the ANGLE component program. An...
The vulnerability of the Elcomplus SmartPPT SCADA server, related to insufficient verification of the HTTP request source, allows a hacker to execute a CSRF attack.
The vulnerability of the Elcomplus SmartPPT SCADA server is related to insufficient security checks on the HTTP request source. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack using a specially created web page...
The vulnerability of Google Chrome’s storage mechanism allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome’s storage mechanism is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created web page...
The vulnerability of the software interface of the Background Fetch API in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Background Fetch API programming interface in Google Chrome and Microsoft Edge browsers is related to improperly implemented security checks for standard elements. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected...
The vulnerability of the Shopping Cart component in Google Chrome and Microsoft Edge browsers allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Shopping Cart component in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created web page...
Microsoft Edge browser’s vulnerability, related to improper code generation management, allows attackers to escalate their privileges.
The vulnerability of Microsoft Edge is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created web page...
Microsoft Edge browser’s vulnerability, related to improper code generation management, allows attackers to escalate their privileges.
The vulnerability of Microsoft Edge is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created web page...
The vulnerability of the Accessibility component in Google Chrome browser allows a perpetrator to access confidential information.
The vulnerability of the Accessibility component in Google Chrome browser relates to memory usage after deallocation. Exploiting this vulnerability could allow an attacker to access confidential information through a specially created web page...
The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code or cause a denial-of-service attack through a specially created web...
The vulnerability of Windows operating system script handlers allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of Windows operating system script handlers is related to the operation of writing data beyond the buffer boundaries into memory when processing HTML content. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a...
The vulnerability of the Google Chrome browser’s media component, which allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome browser’s media component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...
Mozilla Firefox Resource Management Error Vulnerability (CNVD-2021-36258)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a resource management error vulnerability that can be exploited by an attacker to create a specially crafted web page, trick a victim into visiting the page, and execute...
Exploit for Improper Input Validation in Google Chrome
PoC exploit for CVE-2020-16040, an out-of-bounds write vulnerability in the WebAssembly WASM engine of various browsers. The exploit targets the WASM engine's handling of large arrays, allowing an attacker to write arbitrary data to the heap. The exploit is implemented in JavaScript, using the...
Infraware Polaris ML Report Program Buffer Error Vulnerability
Infraware Polaris ML Report is a web browser based web software from Infraware, Korea that enables compatibility printing reports. A security vulnerability exists in ML Report Program, which originates from a stack-based buffer overflow in the sub41EAF0 function of mlreportdeam .exe. The function...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in previous versions of Google Chrome 87.0.4280.88 that originates from reading the web beyond boundaries. A remote attacker can exploit the vulnerability to obtain potentially sensitive information...
CVE-2020-25538
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server...
The vulnerability of the Internet Explorer and Sailfish Browser script handlers, which allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Internet Explorer script handler arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure through a specially created web page...