Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

281 matches found

UbuntuCve
UbuntuCveadded 2019/01/09 7:29 p.m.26 views

CVE-2018-6091

Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS6.9AI score0.01102EPSS
Exploits0References2
Prion
Prionadded 2019/01/09 7:29 p.m.18 views

Design/Logic Flaw

Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

4.3CVSS6.3AI score0.01102EPSS
Exploits0References6Affected Software5
Debian CVE
Debian CVEadded 2019/01/09 7:0 p.m.24 views

CVE-2018-6091

Removed by vendor...

6.5CVSS8AI score0.01102EPSS
Exploits0
Cvelist
Cvelistadded 2019/01/09 7:0 p.m.18 views

CVE-2018-6091

Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.4AI score0.01102EPSS
Exploits0References6
CVE
CVEadded 2019/01/09 7:0 p.m.125 views

CVE-2018-6091

CVE-2018-6091 corresponds to a Chrome/Chromium vulnerability where Service Workers incorrectly handle plugins. The connected documentation links this CVE to the Chrome/Chromium 66.0.3359.117 line, with advisories noting affected releases and urging upgrades. Affected product: Google Chrome (Chrom...

6.5CVSS6.3AI score0.01102EPSS
Exploits0References6Affected Software1
Prion
Prionadded 2018/09/13 12:29 a.m.13 views

Information disclosure

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge...

2.6CVSS3.6AI score0.15613EPSS
Exploits0References3
CVE
CVEadded 2018/09/13 12:0 a.m.57 views

CVE-2018-8366

CVE-2018-8366 is an information disclosure vulnerability in Microsoft Edge tied to the Fetch API mis-handling a filtered response type. Root cause: Edge Fetch API incorrectly handles certain filtered response types, enabling an attacker to read the URL of a cross-origin request. Affected product/...

3.1CVSS4.7AI score0.15613EPSS
Exploits0References3Affected Software1
CNVD
CNVDadded 2018/09/12 12:0 a.m.1 views

Microsoft Edge Information Disclosure Vulnerability (CNVD-2018-21205)

Edge is the default browser that comes with Microsoft's operating systems. Microsoft Edge suffers from an information disclosure vulnerability that stems from the Edge Fetch API failing to have proper handling of filtered response types. An attacker could exploit the vulnerability to read the URL...

3.1CVSS3.8AI score0.15613EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2018/09/11 7:0 a.m.19 views

Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that that do not securely populate the URL with confidential information could...

4.3CVSS0.7AI score0.15613EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2018/08/21 12:0 a.m.34 views

Mozilla Firefox ESR < 52.4 Multiple Vulnerabilities

Binary data 700331.prm...

10CVSS7.3AI score0.12063EPSS
Exploits3References10
RedHat Linux
RedHat Linuxadded 2018/07/30 3:10 p.m.3 views

chromium-browser: Cross origin information leak in Blink

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It...

6.5CVSS7.4AI score0.00953EPSS
Exploits0References5
OSV
OSVadded 2018/06/11 9:29 p.m.4 views

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

5.9CVSS8.6AI score
Exploits0References11
NVD
NVDadded 2018/06/11 9:29 p.m.13 views

CVE-2018-5131

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

5.9CVSS6.6AI score0.01281EPSS
Exploits0References11
NVD
NVDadded 2018/06/11 9:29 p.m.15 views

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS9.2AI score0.02442EPSS
Exploits0References12
OSV
OSVadded 2018/06/11 9:29 p.m.1 views

DEBIAN-CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS9.2AI score0.02442EPSS
Exploits0References1
OSV
OSVadded 2018/06/11 9:29 p.m.7 views

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS8.1AI score
Exploits0References12
Prion
Prionadded 2018/06/11 9:29 p.m.14 views

Design/Logic Flaw

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

4.3CVSS6.3AI score0.01281EPSS
Exploits0References11Affected Software9
Prion
Prionadded 2018/06/11 9:29 p.m.22 views

Design/Logic Flaw

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

7.5CVSS9AI score0.02442EPSS
Exploits0References12Affected Software10
CVE
CVEadded 2018/06/11 9:0 p.m.167 views

CVE-2017-7793

CVE-2017-7793 is a use-after-free in Thunderbird/Fetch API where the worker or window is freed while in use, leading to a potentially exploitable crash. Public details reference Thunderbird

9.8CVSS8.1AI score0.02442EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVEadded 2018/06/11 9:0 p.m.23 views

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS9.9AI score0.02442EPSS
Exploits0
Rows per page
Query Builder