CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-0263

Malware in sbrugna...

9.3CVSS8.1AI score0.00518EPSS

Exploits0References5

CNVD•added 2020/08/26 12:0 a.m.•2 views

Google Chrome Resource Management Error Vulnerability (CNVD-2020-49918)

Google Chrome is a web browser from Google Inc.Blink is a browser layout engine rendering engine jointly developed by Google Inc. and Opera Software Norway.Canvas is a graphics component.WebMIDI is a component that provides support for MIDI devices.JavaScript is a JavaScript code debugging...

9.6CVSS9.3AI score0.0033EPSS

Exploits1References1

ThreatPost•added 2020/02/07 5:3 p.m.•52 views

Google Chrome To Bar HTTP File Downloads

Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages. HTTPS indicates that a website has an encrypted connection. When connecting to an HTTP website, browsers merely look up the IP address and...

7AI score

Exploits0References10

CNVD•added 2018/05/31 12:0 a.m.•2 views

dalek-browser-chrome-canary code execution vulnerability

dalek-browser-chrome-canary is a plugin for the DalekJS browser for Google Chrome. A security vulnerability exists in dalek-browser-chrome-canary that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the...

9.3CVSS7.1AI score0.00518EPSS

Exploits0References1

Prion•added 2018/05/29 8:29 p.m.•16 views

Design/Logic Flaw

dalek-browser-chrome-canary provides Google Chrome bindings for DalekJS. dalek-browser-chrome-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...

9.3CVSS7.8AI score0.00518EPSS

Exploits0References1Affected Software1

CVE•added 2018/05/29 8:0 p.m.•54 views

CVE-2016-10584

The CVE-2016-10584 entry concerns dalek-browser-chrome-canary, a Google Chrome binding for DalekJS. The vulnerability arises because it downloads binary resources over HTTP, enabling a man-in-the-middle (MitM) attacker to swap the requested binary with malware, potentially causing remote code exe...

9.3CVSS8.2AI score0.00518EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/05/29 8:0 p.m.•17 views

CVE-2016-10584

8.2AI score0.00518EPSS

Exploits0References1

Node.js•added 2016/11/30 10:42 p.m.•53 views

Downloads Resources over HTTP

Overview Affected versions of dalek-browser-chrome-canary insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3CVSS6.2AI score0.00518EPSS

Exploits0Affected Software1

Jake Archibald's Blog•added 2014/09/24 12:25 a.m.•14 views

Using ServiceWorker in Chrome today

The implementation for ServiceWorker has been landing in Chrome Canary over the past few months, and there's now enough of it to do some cool shit! Unnecessary representation of "cool shit" What is ServiceWorker? ServiceWorker is a background worker, it gives us a JavaScript context to add featur...

6.2AI score

Exploits0

The Hacker News•added 2014/05/05 7:52 a.m.•17 views

Hiding URLs in Google Chrome Could Be A Good Decision?

The collection of slashes and hyphens in URLs of websites make it look complicated and messy, now the new experimental version of the Google Chrome browser bury the whole URL into the top-level domain name. Google’s new experiment to the recent update to Chrome's publicly available Canary browser...

6.5AI score

Exploits0

Jake Archibald's Blog•added 2014/05/04 12:0 a.m.•12 views

Improving the URL bar

iOS has hidden the pathname of URLs for some time now, but recently Chrome Canary introduced something similar behind a flag. I'm not involved in the development of Chrome experiment at all, but I've got more than 140 characters worth of opinion on it… We have a real security problem I recently...

6.8AI score

Exploits0

Kitploit•added 2014/02/23 9:16 p.m.•21 views

[FacebookPasswordDump v2.0] Command-line Tool to Recover Facebook Password from Browsers and Messengers

Facebook Password Dump is the command-line tool to instantly recover your lost Facebook password from popular web browsers and messengers. Currently it can recover your Facebook password from following applications, Firefox Internet Explorer v6.x - v10.x Google Chrome Chrome Canary/SXS CoolNovo...

6.7AI score

Exploits0

Kitploit•added 2014/01/20 5:8 p.m.•11 views

[BrowserHistorySpy v3.0] All-in-one Tool to View Web History of Firefox/Chrome/IE/Chrome SXS/CoolNovo/SeaMonkey Browsers

Browser History Spy is the all-in-one software to instantly recover or view the browsing history from popular web browsers. It helps in recovering or viewing web history of following browsers. Mozilla Firefox Internet Explorer Google Chrome Google Chrome Canary/SXS CoolNovo SeaMonkey Browser It...

7AI score

Exploits0

Kitploit•added 2013/12/27 3:5 a.m.•10 views

[Twitter Password Dump] Command-line Tool to Recover Twitter Password from Web Browsers

Twitter Password Dump is the command-line tool to instantly recover your lost Twitter password from all the popular web browsers. Currently it can recover your Twitter password from following applications, Firefox Internet Explorer v6.x - v10.x Google Chrome Chrome Canary/SXS CoolNovo Browser Ope...

6.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by