Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Positive Technologies
Positive Technologiesadded 2026/05/20 12:0 a.m.10 views

PT-2026-42248

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CSP report endpoint incorrectly allowed reports up to 1 MB before truncation, despite being intended to limit logged CSP reports to 1 KB. When this endpoint ...

5.1CVSS5.7AI score0.00365EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2023/02/15 5:8 a.m.3 views

SUSE CVE-2016-1617

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easie...

4.3CVSS8.8AI score0.01271EPSS
Exploits0References6
OSV
OSVadded 2016/07/23 7:59 p.m.4 views

CVE-2016-5137

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs,...

4.3CVSS6.5AI score0.01265EPSS
Exploits0References13
Prion
Prionadded 2016/07/23 7:59 p.m.16 views

Design/Logic Flaw

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs,...

4.3CVSS6.3AI score0.01271EPSS
Exploits0References13Affected Software1
UbuntuCve
UbuntuCveadded 2016/07/23 12:0 a.m.33 views

CVE-2016-5137

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs,...

4.3CVSS6.7AI score0.01265EPSS
Exploits0References3
BDU FSTEC
BDU FSTECadded 2016/02/24 12:0 a.m.3 views

The vulnerability of Google Chrome’s browser allows a hacker to determine which website was visited using an HSTS connection.

The vulnerability of the CSPSource::schemeMatches function in the WebKit/Source/core/frame/csp/CSPSource.cpp file of the Content Security Policy implementation in the Blink component of the Google Chrome browser is related to the lack of application of http policies for https addresses and ws...

4.3CVSS6.6AI score0.01271EPSS
Exploits0References4Affected Software1
Prion
Prionadded 2016/01/25 11:59 a.m.26 views

Design/Logic Flaw

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easie...

4.3CVSS4.1AI score0.01271EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder