Lucene search
K

17057 matches found

OSV
OSV
added 2025/11/14 3:15 a.m.3 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

7.5CVSS7.2AI score
Exploits0References2
NVD
NVD
added 2025/11/14 3:15 a.m.4 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.00176EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/14 2:29 a.m.6 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00176EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/14 2:29 a.m.5 views

EUVD-2024-55072

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.5AI score0.00176EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/14 2:29 a.m.1 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

6.7AI score0.00176EPSS
Exploits1References2
CVE
CVE
added 2025/11/14 2:29 a.m.19 views

CVE-2024-7017

CVE-2024-7017: In Google Chrome DevTools an inappropriate implementation allows sandbox escape via a crafted HTML page. Affected product is Google Chrome (DevTools). Root cause: DevTools mal-implementation described as an inappropriate implementation. Impact: potential sandbox escape with high se...

7.5CVSS6.7AI score0.00176EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2025/11/14 2:29 a.m.3 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

7.5CVSS7.3AI score0.00176EPSS
Exploits1
Cvelist
Cvelist
added 2025/11/14 2:29 a.m.5 views

CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00144EPSS
Exploits1References2
CVE
CVE
added 2025/11/14 2:29 a.m.423 views

CVE-2025-13097

CVE-2025-13097 is a Chrome/Chromium DevTools vulnerability caused by an inappropriate implementation that could allow a remote sandbox escape via a crafted HTML page. Affected product: Google Chrome (DevTools/Chromium). Root cause: DevTools handling defect leading to sandbox bypass. Impact: sandb...

5.4CVSS6.7AI score0.00144EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/14 2:29 a.m.1 views

CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

6.7AI score0.00144EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2025/11/14 2:29 a.m.6 views

CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.6AI score0.00144EPSS
Exploits1
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 136.0.7103.59, which stems from a flaw in the security handling of the sandboxing mechanism. The vulnerability can be exploited by an attacker to achieve a sandbox escape via a...

5.4CVSS6.3AI score0.00144EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a DevTools mal-implementation vulnerability that can be exploited by an attacker to cause a sandbox escape...

7.5CVSS6.5AI score0.00176EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/11/14 12:0 a.m.3 views

PT-2025-46935

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 136.0.7103.59 Description An improper implementation in the DevTools component of Google Chrome could allow a remote attacker to potentially escape the sandbox through a crafted HTML page. Recommendations Update...

5.4CVSS6.8AI score0.00144EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.2 views

Mozilla Thunderbird < 145.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 145.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-90 advisory. - Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of...

9.8CVSS7.7AI score0.0041EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-7017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafte...

7.5CVSS5.5AI score0.00176EPSS
Exploits1References2
Mageia
Mageia
added 2025/11/13 11:37 p.m.15 views

Updated ruby packages fix security vulnerabilities

Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. The method does not impose any limit on the length of the raw cookie value it...

7.5CVSS7.2AI score0.00784EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/13 7:8 p.m.17 views

CVE-2024-45301

Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...

5.3CVSS7.2AI score0.00247EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/11/13 10:51 a.m.8 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00526EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/13 10:51 a.m.3 views

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

7.8CVSS5.8AI score0.00673EPSS
Exploits2References5
Rows per page
Query Builder