CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

CVE-2026-11036

Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2

Positive Technologies•added yesterday•4 views

PT-2026-46565

Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-6707

Malware in sbrugna...

7.5CVSS8.5AI score0.00957EPSS

Exploits1References15

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-6709

Malware in sbrugna...

7.5CVSS8.5AI score0.01229EPSS

Exploits1References16

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2011-2331

Malware in sbrugna...

4.3CVSS6.1AI score0.00323EPSS

Exploits0References8

Prion•added 2016/05/14 9:59 p.m.•14 views

Design/Logic Flaw

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a...

6.8CVSS6.6AI score0.00617EPSS

Exploits1References12Affected Software3

UbuntuCve•added 2016/05/13 12:0 a.m.•23 views

CVE-2016-1667

8.8CVSS6.9AI score0.00617EPSS

Exploits1References3

Tenable Nessus•added 2016/02/19 12:0 a.m.•35 views

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2895-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2895-1 advisory. The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user we...

8.8CVSS8.8AI score0.0153EPSS

Exploits1References3

Ubuntu•added 2016/02/18 7:19 p.m.•60 views

USN-2895-1: Oxide vulnerabilities

The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-16...

8.8CVSS8.4AI score0.0153EPSS

Exploits1

Prion•added 2016/02/14 2:59 a.m.•22 views

Design/Logic Flaw

The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp,...

6.8CVSS6.5AI score0.0153EPSS

Exploits1References11Affected Software3

Cvelist•added 2016/02/14 2:0 a.m.•20 views

CVE-2016-1623

8.2AI score0.0153EPSS

Exploits1References11

Tenable Nessus•added 2015/12/11 12:0 a.m.•43 views

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2825-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2825-1 advisory. Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were tricked in to opening a specially crafte...

10CVSS8.6AI score0.40209EPSS

Exploits6References17

Ubuntu•added 2015/12/10 5:43 p.m.•74 views

USN-2825-1: Oxide vulnerabilities

Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the...

10CVSS8.4AI score0.40209EPSS

Exploits6

CNVD•added 2015/12/08 12:0 a.m.•2 views

Google Chrome DOM Homology Policy Bypass Vulnerability

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the DOM implementation of Google Chrome versions prior to 47.0.2526.73. A remote attacker can exploit the vulnerability to bypass the same-origin policy...

7.5CVSS9AI score0.00957EPSS

Exploits1References1

NVD•added 2015/12/06 1:59 a.m.•11 views

CVE-2015-6772

The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin...

7.5CVSS9.2AI score0.01229EPSS

Exploits1References10

Cvelist•added 2015/12/06 1:0 a.m.•19 views

CVE-2015-6772

9AI score0.01229EPSS

Exploits1References10

CVE•added 2015/12/06 1:0 a.m.•92 views

CVE-2015-6772

CVE-2015-6772 refers to a flaw in Blink used by Google Chrome before 47.0.2526.73, where the DOM implementation did not prevent javascript: URL navigation while a document was detached. This enables bypass of the Same Origin Policy through crafted JavaScript interactions with a plugin. The issue ...

7.5CVSS8.9AI score0.01229EPSS

Exploits1References10Affected Software1

Debian CVE•added 2015/12/06 1:0 a.m.•19 views

CVE-2015-6777

Removed by vendor...

7.5CVSS8.7AI score0.01583EPSS

Exploits0

Debian CVE•added 2015/12/06 1:0 a.m.•21 views

CVE-2015-6772

Removed by vendor...

7.5CVSS8.7AI score0.01229EPSS

Exploits1

UbuntuCve•added 2015/12/05 12:0 a.m.•23 views

CVE-2015-6770

The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768...

7.5CVSS7.1AI score0.00957EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by