Lucene search
K

33 matches found

OSV
OSV
added 2021/01/08 7:15 p.m.2 views

UBUNTU-CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension...

6.5CVSS7.3AI score0.00802EPSS
Exploits0References2
OSV
OSV
added 2020/11/03 3:15 a.m.2 views

UBUNTU-CVE-2020-15977

Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

6.5CVSS7AI score0.01468EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/10/13 8:22 a.m.3 views

chromium-browser: Insufficient data validation in dialogs

Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

6.5CVSS7.4AI score0.01468EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/09/10 1:45 p.m.2 views

chromium-browser: Insufficient policy enforcement in intent handling

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...

6.5CVSS7.4AI score0.01686EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/06/15 12:55 p.m.4 views

chromium-browser: Inappropriate implementation in developer tools

Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page...

4.3CVSS7.4AI score0.01633EPSS
Exploits1References5
OSV
OSV
added 2020/05/21 4:15 a.m.2 views

DEBIAN-CVE-2020-6489

Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page...

4.3CVSS7.5AI score0.01633EPSS
Exploits1References1
OSV
OSV
added 2020/05/21 4:15 a.m.1 views

UBUNTU-CVE-2020-6489

Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page...

4.3CVSS7.2AI score0.01633EPSS
Exploits1References4
OSV
OSV
added 2019/08/07 5:15 p.m.4 views

PYSEC-2019-44

Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...

5.9AI score
Exploits0References3
CNVD
CNVD
added 2018/03/08 12:0 a.m.3 views

Red Hat oVirt Information Disclosure Vulnerability

Red Hat oVirt is the United States Red Hat Red Hat company's set of open source virtualization management platform , is the RHEV enterprise virtualization platform of the open source version of the oVirt-node client and overt-engine management end consists of . A security vulnerability exists in...

5.3CVSS6.7AI score0.01417EPSS
Exploits0References1
OSV
OSV
added 2017/12/01 2:29 p.m.6 views

CVE-2017-10900

PTW-WMS1 firmware version 2.000.012 allows remote attackers to bypass access restrictions to obtain or delete data on the disk via unspecified vectors...

9.8CVSS5.9AI score0.01425EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/08/20 12:0 a.m.29 views

Fedora 23 : xfsprogs-3.2.4-1.fc23 (2015-12380)

Gabriel Vlasiu reported that xfsmetadump, part of the xfsprogs suite of tools for the XFS filesystem, did not properly obfuscate data. xfsmetadump properly obfuscates active metadata, but the rest of the space within that fs block comes through in the clear. This could lead to exposure of stale...

5CVSS5.5AI score0.04535EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.32 views

Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64

A flaw was found in the way PostgreSQL enforced permission checks on scripts written in PL/Perl. If the PL/Perl procedural language was registered on a particular database, an authenticated database user running a specially crafted PL/Perl script could use this flaw to bypass intended PL/Perl...

8.5CVSS8AI score0.04081EPSS
Exploits1References3
seebug.org
seebug.org
added 2008/07/10 12:0 a.m.321 views

Microsoft SQL Server磁盘数据结构整数溢出漏洞(MS08-040)

BUGTRAQ ID: 30119 CVECAN ID: CVE-2008-0107 Microsoft SQL Server是一款流行的SQL数据库系统。 SQL Server负责解析存储备份数据的代码存在漏洞,该段代码从文件获得了代表记录大小的32位整数值用于计算所要读取到堆缓冲区的字节数。这个计算可能下溢,导致分配不充分的内存,之后的操作会触发溢出。 如果要利用这个漏洞,攻击者必须能够诱骗服务器加载特制的备份文件,可通过提交到远程文件的路径或使用SMB/WebDAV来实现。 Microsoft SQL Server 7.0 SP4 Microsoft SQL Server 2005...

9CVSS7.3AI score0.34539EPSS
Exploits1
Rows per page
Query Builder