
5743 matches found

NVD
added 2020/06/03 11:15 p.m. · 14 views

CVE-2011-1805

Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS · 8.7 AI score · 0.00748 EPSS
Exploits 1 · References 1

Prion
added 2020/06/03 11:15 p.m. · 16 views

Design/Logic Flaw

Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8 CVSS · 6.6 AI score · 0.00748 EPSS
Exploits 1 · References 1 · Affected Software 1

UbuntuCve
added 2020/06/03 11:15 p.m. · 31 views

CVE-2011-1805

Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8 CVSS · 7.2 AI score · 0.00748 EPSS
Exploits 1 · References 2

Cvelist
added 2020/06/03 10:50 p.m. · 20 views

CVE-2011-1805

Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.7 AI score · 0.00748 EPSS
Exploits 1 · References 1

CVE
added 2020/06/03 10:50 p.m. · 72 views

CVE-2011-1805

CVE-2011-1805 affects Google Chrome before version 11.0.0.0, where a bad cast in CSS could allow a remote attacker to trigger heap corruption via a crafted HTML page. This is a remote, network-exploitable vulnerability with high impact (confidentiality/integrity/availability). Remediation: upgrad...

8.8 CVSS · 8.6 AI score · 0.00748 EPSS
Exploits 1 · References 1 · Affected Software 1

Hacker One
added 2020/06/03 2:52 p.m. · 100 views

h1-ctf: [H1-2006 2020] Multiple vulnerabilities lead to CEO account takeover and paid bounties

Summary: 1. A publicly accessible logfile discloses a user's credentials 2. Weak 2FA implementation allows user account takeover 3. Path injection in user's cookie allows SSRF, bypassing the IP restriction to list available builds on https://software.bountypay.h1ctf.com/ 4. API token leak in...

7.6 AI score
Exploits 0

NVD
added 2020/06/03 2:15 p.m. · 7 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8 CVSS · 9.9 AI score · 0.55084 EPSS
Exploits 4 · References 5

OSV
added 2020/06/03 2:15 p.m. · 17 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8 CVSS · 8.2 AI score
Exploits 0 · References 5

OSV
added 2020/06/03 2:15 p.m. · 1 view

DEBIAN-CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8 CVSS · 9.3 AI score · 0.55084 EPSS
Exploits 4 · References 1

Prion
added 2020/06/03 2:15 p.m. · 19 views

Remote code execution

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

7.5 CVSS · 9.8 AI score · 0.55084 EPSS
Exploits 4 · References 4 · Affected Software 1

OSV
added 2020/06/03 2:15 p.m. · 0 views

UBUNTU-CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8 CVSS · 6.4 AI score · 0.55084 EPSS
Exploits 4 · References 4

Cvelist
added 2020/06/03 1:46 p.m. · 20 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.9 AI score · 0.55084 EPSS
Exploits 4 · References 4

CVE
added 2020/06/03 1:46 p.m. · 245 views

CVE-2020-13756

Sabberworm PHP CSS Parser vulnerability CVE-2020-13756: before 8.3.1, the code calls eval on untrusted data via getSelectorsBySpecificity() or allSelectors(), enabling potential remote code execution. Affected product is Sabberworm PHP CSS Parser (and the php-horde-css-parser bundle). The issue i...

9.8 CVSS · 9.7 AI score · 0.55084 EPSS
In wild · Exploits 4 · References 5 · Affected Software 1

Debian CVE
added 2020/06/03 1:46 p.m. · 6 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker...

9.8 CVSS · 9.9 AI score · 0.55084 EPSS
Exploits 4

0day.today
added 2020/06/03 12:0 a.m. · 95 views

Sabberworm PHP CSS Code Injection Vulnerability

Exploit for php platform in category web applications. Sabberworm PHP CSS parser - Code injection. Identifiers: CVE-2020-13756. CVSSv3 score...

7.5 CVSS · 0.3 AI score · 0.55084 EPSS
Exploits 4

ATTACKERKB
added 2020/06/03 12:0 a.m. · 94 views

CVE-2020-13756

Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors or getSelectorsBySpecificity is called with input from an attacker. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0 Assessed...

9.8 CVSS · 5.8 AI score · 0.55084 EPSS
In wild · Exploits 4 · References 5

Packet Storm
added 2020/06/03 12:0 a.m. · 238 views

Sabberworm PHP CSS Code Injection

Sabberworm PHP CSS parser - Code injection. Identifiers: CVE-2020-13756. CVSSv3 score: 8.6 ...

0.4 AI score · 0.55084 EPSS
Exploits 4

Positive Technologies
added 2020/06/03 12:0 a.m. · 5 views

PT-2020-13657 · Sabberworm +2 · Sabberworm Php Css Parser +2

Name of the Vulnerable Software and Affected Versions: Sabberworm PHP CSS Parser versions prior to 8.3.1 php-horde-css-parser version 1.0.8-1ubuntu1+esm1 and earlier Description: The issue is related to the parsing of uncontrolled CSS data, which could lead to remote code execution. The functions...

9.8 CVSS · 9.9 AI score · 0.55084 EPSS
Exploits 4 · References 25

OpenVAS
added 2020/06/03 12:0 a.m. · 33 views

Mozilla Firefox Security Advisories (MFSA2020-20, MFSA2020-21) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:mozilla:firefox";...

9.3 CVSS · 7.4 AI score · 0.01537 EPSS
Exploits 1 · References 1

Kaspersky
added 2020/05/26 12:0 a.m. · 69 views

KLA11790 Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to perform cross-site scripting attacks, execute arbitrary code, obtain sensitive information, and cause denial of service. Below is a complete list of vulnerabilities: 1. A logic vulnerability in...

9.8 CVSS · 9.3 AI score · 0.77246 EPSS
Exploits 5 · References 5