Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by an improper implementation of the password manager. A remote attacker could exploit this vulnerability to leak cross-source data...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability, which was caused by out-of-bounds read operations in Skia. This vulnerability could allow remote attackers to exploit the vulnerability through...

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. Chromium security severity: High...

CVE-2010-1852

Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site...

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. Chromium security severity: High...

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. Chromium security severity: High...

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. Chromium security severity: High...

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. Chromium security severity: High...

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. Chromium security severity: High...

CVE-2024-4059

CVE-2024-4059 describes an out-of-bounds read in the V8 API used by Google Chrome/Chromium prior to 124.0.6367.78. The vulnerability enables a remote attacker to leak cross-site data via a crafted HTML page. Affected component is the Chromium-derived web browser stack (V8 API). The documented imp...

Out Of Bounds Read

Chrome is vulnerable to Out Of Bounds Read. The vulnerability due to improper handling of out-of-bounds reads, allows a remote attacker to leak cross-site data via a crafted HTML page...

Debian dsa-5675 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5675 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5675-1...

SUSE CVE-2008-1318

Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation JSON formatted results...

Chrome for Android Enables Site Isolation Security Feature for All Sites with Login

After enabling 'Site Isolation' security feature in Chrome for desktops last year, Google has now finally introduced 'the extra line of defence' for Android smartphone users surfing the Internet over the Chrome web browser. In brief, Site Isolation is a security feature that adds an additional...

Apple iOS WebKit Information Disclosure Vulnerability (CNVD-2016-03339)

Apple iOS is the United States Apple Apple company for mobile devices developed by a set of operating systems. WebKit is KDE, Apple Apple, Google Google and other companies jointly developed a set of open source Web browser engine, currently used by Apple Safari and Google Chrome and other...

Apple iOS Webkit 'canvas' element image processing information disclosure vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in Apple iOS Webkit's handling of 'canvas' element images allows attackers to construct malicious WEB pages that can be parsed by tricking users into parsing them, which can acces...

Flash content-type sniffing allows Cross Site Data Hijacking

As documented at http://blog.detectify.com/post/86298380233/the-pitfalls-of-allowing-file-uploads-on-your-website it is possible to upload a flash file to confluence with a different content-type than for flash and when embedded on an attacker's domain will be able to make requests to the...

Flash content-type sniffing allows Cross Site Data Hijacking

As documented at http://blog.detectify.com/post/86298380233/the-pitfalls-of-allowing-file-uploads-on-your-website it is possible to upload a flash file to confluence with a different content-type than for flash and when embedded on an attacker's domain will be able to make requests to the...

Google Chrome Cross Site Data Leakage Vulnerability (Windows)

This host is installed with Google Chrome Web Browser and is prone to cross site data leakage vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromecrosssitedataleakagevuln.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome Cross Site Data Leakage Vulnerability Windows Authors: Antu...

Microsoft Internet Explorer Cross Site Data Leakage Vulnerability

This host is installed with Microsoft Internet Explorer web browser and is prone to cross site data leakage vulnerability. OpenVAS Vulnerability Test $Id: gbmsiecrosssitedataleakagevuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft Internet Explorer Cross Site Data Leakage Vulnerability...