4369 matches found
Design/Logic Flaw
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Design/Logic Flaw
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2021-37967
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page...
CVE-2021-37968
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
UBUNTU-CVE-2021-37965
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
UBUNTU-CVE-2021-37968
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2021-37968
The CVE-2021-37968 entry describes an insecure implementation in the Background Fetch API in Google Chrome, leading to potential cross-origin data leakage via a crafted HTML page. Affected software: Google Chrome (Background Fetch API); root cause: improper handling in the API implementation; imp...
CVE-2021-37968
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2021-37968
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2021-37967
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page...
CVE-2021-37967
CVE-2021-37967 describes an insecure implementation in the Background Fetch API in Google Chrome/Chromium, where a remote attacker who had already compromised the renderer process could leak cross-origin data via a crafted HTML page. The issue affects Chrome/Chromium prior to version 94.0.4606.54...
CVE-2021-37967
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page...
CVE-2021-37965
CVE-2021-37965 affects Google Chrome/Chromium’s Background Fetch API. The vulnerability stems from an inappropriate implementation, enabling a remote attacker to leak cross-origin data via a crafted HTML page. The NVD records a CVSS v3.1 base score of 4.3 (Medium) with network attack vector, no p...
CVE-2021-37965
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2021-37965
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution RCE. The vulnerability exists due to the inappropriate implementation in background fetch API...
Remote Code Execution (RCE)
chromium is vulnerable to remote code execution RCE. The vulnerability exists due to the inappropriate implementation in background fetch API...
Important: sssd
Issue Overview: A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access...
WhatsUpGold 21.0.3 Cross Site Scripting
Exploit Title: WhatsUpGold 21.0.3 - Stored Cross-Site Scripting XSS Date: 09.17.2021 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.21.0.3, Build 188 Tested on: Windows 2019 Server CVE : CVE-2021-41318 Reference:...
FreeBSD : chromium -- multiple vulnerabilities (3551e106-1b17-11ec-a8a7-704d7b472482)
Chrome Releases reports : This update contains 19 security fixes, including : - 1243117 High CVE-2021-37956: Use after free in Offline use. Reported by Huyna at Viettel Cyber Security on 2021-08-24 - 1242269 High CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang on 2021-08-23 -...