Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 3:56 a.m.1 views

SUSE CVE-2020-16020

Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file...

8.8CVSS8.5AI score0.00191EPSS
Exploits0References9
Github Security Blog
Github Security Blogadded 2022/06/16 11:13 p.m.58 views

Jupyter server Token bruteforcing

Affects: Notebook and Lab between 6.4.0?potentially earlier and 6.4.11 currently latest. Jupyter Server =1.16.0. If I am correct about the responsible code it will affect Jupyter-Server 1.17.0 and 2.0.0a0 as well. Description: If notebook server is started with a value of rootdir that contains th...

9CVSS8.9AI score0.00268EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2022/06/14 8:40 p.m.16 views

CVE-2022-29241 Known or guessable hidden files may be accessed in Jupyter Server

Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a value of rootdir that contains the starting user's home directory, then the underlying REST API ca...

7.1CVSS8.6AI score0.00268EPSS
Exploits0References1
Prion
Prionadded 2021/01/08 7:15 p.m.16 views

Input validation

Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file...

6.8CVSS8.3AI score0.0014EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2021/01/08 7:15 p.m.0 views

UBUNTU-CVE-2020-16021

Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to perform OS-level privilege escalation via a malicious file...

7.5CVSS7.3AI score0.00411EPSS
Exploits0References2
Packet Storm
Packet Stormadded 2017/09/07 12:0 a.m.58 views

Tor Linux Sandbox Breakout Via X11

Tor: Linux sandbox breakout via X11 From inside the Linux sandbox described in https://blog.torproject.org/blog/tor-browser-70-released, it is still possible to talk to the X server without any restrictions. This means that a compromised browser can e.g. use the XTEST X protocol extension at...

0.1AI score
Exploits0
0day.today
0day.todayadded 2017/09/06 12:0 a.m.60 views

Tor - Linux Sandbox Breakout via X11 Exploit

Exploit for linux platform in category local exploits / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1293&desc=2 EDIT: I mixed up two different sandboxes; see the comment below for a correction. From inside the Linux sandbox described in , it is still possible to talk to the ...

6.8AI score
Exploits0
Rows per page
Query Builder