Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Prion
Prionadded 2016/07/23 7:59 p.m.16 views

Design/Logic Flaw

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs,...

4.3CVSS6.3AI score0.01011EPSS
Exploits0References13Affected Software1
Cvelist
Cvelistadded 2016/07/23 7:0 p.m.22 views

CVE-2016-5137

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs,...

6.1AI score0.01011EPSS
Exploits0References13
UbuntuCve
UbuntuCveadded 2016/07/23 12:0 a.m.31 views

CVE-2016-5137

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs,...

4.3CVSS6.7AI score0.01011EPSS
Exploits0References3
OSV
OSVadded 2016/01/22 12:0 a.m.0 views

UBUNTU-CVE-2016-1617

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easie...

4.3CVSS6.5AI score0.00635EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2016/01/22 12:0 a.m.29 views

CVE-2016-1617

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easie...

4.3CVSS6.6AI score0.00635EPSS
Exploits0References3
Kaspersky
Kasperskyadded 2016/01/20 12:0 a.m.54 views

KLA10745 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple unspecified vulnerabilities at HarfBuzz and V8 c...

9.8CVSS8.7AI score0.01427EPSS
Exploits1References3
Prion
Prionadded 2015/12/06 1:59 a.m.13 views

Design/Logic Flaw

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a .x.y pattern, which might allow remote attackers to bypass intended access restrictions...

4.3CVSS6.6AI score0.00768EPSS
Exploits0References10Affected Software1
UbuntuCve
UbuntuCveadded 2015/12/05 12:0 a.m.20 views

CVE-2015-6785

The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a .x.y pattern, which might allow remote attackers to bypass intended access restrictions...

4.3CVSS7.2AI score0.00768EPSS
Exploits0References3
Rows per page
Query Builder