Lucene search
+L

105 matches found

CVE
CVE
added 2025/08/20 12:41 a.m.120 views

CVE-2025-9132

CVE-2025-9132 concerns Google Chrome’s V8 engine: an out-of-bounds write can lead to heap corruption when processing crafted HTML pages. The vulnerability affects Chrome/Chromium prior to version 139.0.7258.138. Impact is described as potential arbitrary code execution/heap damage, with a High se...

8.8CVSS7AI score0.02954EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-6121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML...

8.8CVSS8AI score0.00861EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-5115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML...

8.8CVSS8.1AI score0.26331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2016-5219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to...

6.8CVSS7AI score0.00976EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/06 12:0 a.m.18 views

The vulnerability of the MediaStream interface in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the MediaStream interface in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using a specially crafted HTML page...

10CVSS8.1AI score0.00315EPSS
Exploits0References9Affected Software5
Cvelist
Cvelist
added 2025/07/17 7:19 p.m.14 views

CVE-2025-6248

A cross-site scripting XSS vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content...

7.4CVSS0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.8 views

CVE-2022-0180

Cross-site request forgery CSRF vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page...

8.8CVSS7.4AI score0.00654EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:52 p.m.8 views

CVE-2005-2143

Microsoft Front Page allows attackers to cause a denial of service crash via a crafted style tag in a web page...

5CVSS6.7AI score0.03983EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/03/04 1:31 p.m.11 views

CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

4.3CVSS6.7AI score0.00316EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/04 12:0 a.m.10 views

PT-2025-9660 · Mozilla +10 · Firefox +10

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 136 Firefox ESR versions prior to 128.8 Description: A web page could trick a user into setting that site as the default handler for a custom URL protocol. Recommendations: For Firefox versions prior to 136, update t...

10CVSS6.8AI score0.1307EPSS
Exploits9References399
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.7 views

The vulnerability of the Blink rendering module in Microsoft Edge and Google Chrome browsers allows attackers to compromise the integrity of protected information.

The vulnerability of the Blink rendering module in Microsoft Edge and Google Chrome browsers is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected information through a specially...

7.8CVSS6.5AI score0.0031EPSS
Exploits0References12Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/09/06 12:0 a.m.22 views

The vulnerability of the Tinode Chat messaging platform, which allows a hacker to perform a CSRF attack

The vulnerability of the Tinode Chat messaging platform is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack using a specially created web page...

7.5CVSS5.2AI score
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/23 12:0 a.m.17 views

PT-2023-7687 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.109 Description: The issue is related to a use after free vulnerability in the libavif library of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a craft...

10CVSS7.1AI score0.99735EPSS
Exploits128References1126
BDU FSTEC
BDU FSTEC
added 2023/10/13 12:0 a.m.6 views

The vulnerability of the Installer component in the Google Chrome browser allows a hacker to bypass existing security restrictions.

The vulnerability of the Google Chrome browser’s Installer component is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...

5CVSS5.4AI score0.00515EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/09/13 12:0 a.m.6 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server programs lies in their lack of access control mechanisms, allowing attackers to increase their privileges.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created...

9CVSS7.7AI score0.02254EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/04/07 12:0 a.m.8 views

The vulnerability of Google Chrome’s Safe Browsing service allows a hacker to disclose protected information.

The vulnerability of Google Chrome’s Safe Browsing service exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to disclose protected information through a specially created web page...

7.5CVSS6.7AI score0.00889EPSS
Exploits0References9Affected Software3
Packet Storm
Packet Storm
added 2023/04/06 12:0 a.m.274 views

Microsoft Excel Spoofing

Title: Microsoft Excel Spoofing Vulnerability Author: nu11secur1ty Date: 04.06.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/ CVE-2023-23398 Description: The attack itself is...

7.1CVSS6.4AI score0.00617EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.13 views

The vulnerability of the cross-platform software development framework Qt, related to resource management errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the cross-platform software development framework Qt is related to resource management errors. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures through a specially created web page...

9.8CVSS5.5AI score0.05951EPSS
Exploits1References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/10/31 12:0 a.m.9 views

The vulnerability of the Assistant web browser component of Google Chrome, which allows a hacker to disclose protected information

The vulnerability of the Assistant web browser component of Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information through a specially created web page...

7.8CVSS6.7AI score0.00501EPSS
Exploits1References7Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/10/28 12:0 a.m.10 views

The vulnerability of the Media components in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the Media component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...

10CVSS8.2AI score0.0055EPSS
Exploits0References10Affected Software6
Rows per page
Query Builder