CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

CVE•added 2024/10/15 8:14 p.m.•109 views

CVE-2024-9956

CVE-2024-9956 affects Google Chrome on Android prior to 130.0.6723.58, with an Inappropriate implementation in WebAuthentication allowing a local attacker to escalate privileges via a crafted HTML page. The CVE’s standard metrics show LOCAL attack vector, LOW attack complexity, NONE privileges re...

7.8CVSS6.5AI score0.0002EPSS

Exploits0References5Affected Software1

Cvelist•added 2024/10/15 8:14 p.m.•10 views

CVE-2024-9956

Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

0.0002EPSS

Exploits0References2

Cvelist•added 2024/10/15 8:14 p.m.•11 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

0.33501EPSS

Exploits0References2

CVE•added 2024/10/15 8:14 p.m.•67 views

CVE-2024-9955

CVE-2024-9955 affects Google Chrome/Chromium’s WebAuthentication in all builds prior to 130.0.6723.58. The vulnerability is a use-after-free that could enable a remote attacker to cause heap corruption via a crafted HTML page. Public advisories indicate that fixed versions exist (e.g., Chromium 1...

8.8CVSS7.3AI score0.33501EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/10/15 8:14 p.m.•11 views

CVE-2024-9955

7.3AI score0.33501EPSS

Exploits0References2

Debian CVE•added 2024/10/15 8:14 p.m.•12 views

CVE-2024-9955

8.8CVSS8.2AI score0.33501EPSS

Exploits0

Vulnrichment•added 2024/10/15 8:14 p.m.•6 views

CVE-2024-9956

6.5AI score0.0002EPSS

Exploits0References2

Debian CVE•added 2024/10/15 8:14 p.m.•11 views

CVE-2024-9956

7.8CVSS8.3AI score0.0002EPSS

Exploits0

Positive Technologies•added 2024/09/30 12:0 a.m.•5 views

PT-2024-7088 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome on Android versions prior to 130.0.6723.58 Description: The issue is related to an inappropriate implementation in WebAuthentication in Google Chrome on Android, allowing a local attacker to perform privilege escalation via a...

10CVSS7.6AI score0.33501EPSS

Exploits7References278

SUSE CVE•added 2023/02/15 4:2 a.m.•1 views

SUSE CVE-2020-6493

Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS9.1AI score0.01637EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 3:42 a.m.•1 views

SUSE CVE-2021-30528

Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.9AI score0.00424EPSS

Exploits1References5

SUSE CVE•added 2023/02/15 3:38 a.m.•1 views

SUSE CVE-2021-38022

Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS6.7AI score0.00943EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 3:33 a.m.•1 views

SUSE CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS6.6AI score0.00372EPSS

Exploits1References4

NVD•added 2022/07/26 10:15 p.m.•18 views

CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS0.00372EPSS

Exploits1References3

OSV•added 2022/07/26 10:15 p.m.•0 views

DEBIAN-CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS6.8AI score0.00372EPSS

Exploits1References1

OSV•added 2022/07/26 10:15 p.m.•22 views

CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS8AI score

Exploits0References3

UbuntuCve•added 2022/07/26 10:15 p.m.•41 views

CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS6.8AI score0.00372EPSS

Exploits1References1

OSV•added 2022/07/26 10:15 p.m.•2 views

UBUNTU-CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS5.8AI score0.00372EPSS

Exploits1References2

CVE•added 2022/07/26 9:35 p.m.•223 views

CVE-2022-1499

CVE-2022-1499 – Chrome/Chromium WebAuthentication bypass Affected software: Google Chrome (Chromium derivatives) on desktop platforms; affected component: WebAuthentication implementation.Root cause: Inappropriate implementation in WebAuthentication allowed a remote attacker to bypass the same-or...

6.3CVSS6.1AI score0.00372EPSS

Exploits1References3Affected Software1

AlpineLinux•added 2022/07/26 9:35 p.m.•52 views

CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS6.4AI score0.00372EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by