25 matches found
EUVD-2016-6136
Malware in sbrugna...
CVE-2025-23297
NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation process, where an attacker with local unprivileged access could modify files in the Frameview SDK directory. A successful exploit of this vulnerability might lead to escalation of privileges...
CVE-2025-23297
CVE-2025-23297 concerns NVIDIA App on Windows. The issue is in the FrameviewSDK installation process within the NVIDIA Installer for NvAPP for Windows, where a local unprivileged attacker could modify files in the Frameview SDK directory, potentially leading to privilege escalation. Documents con...
PT-2025-40302
Name of the Vulnerable Software and Affected Versions: NVIDIA Installer for NvAPP for Windows (affected versions not specified). Description: The NVIDIA Installer for NvAPP for Windows has a flaw in the FrameviewSDK installation process. An attacker with local unprivileged access can alter files withi...
NVIDIA App Security Vulnerability
NVIDIA App is a client software from NVIDIA Corporation USA. A security vulnerability exists in NVIDIA App that stems from a file that can be modified during the FrameviewSDK installation process, which could result in elevated privileges...
SUSE CVE-2016-5185
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal, which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages...
Apple Safari FrameView Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
WebKit WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free
WebKit: use-after-free in WebCore::FrameView::clientToLayoutViewportPoint There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of Revision 225572 on OSX. PoC: ================================================================= function jsfuzzer v...
WebKit - WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free
WebKit - WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free function jsfuzzer var b = document.createElement"body"; a.appendb; ta.autofocus = true; var iframe = document.createElement"iframe"; b.appendChildiframe; li.appendChilddd; iframe.contentDocument.caretRangeFromPoint; function...
WebKit - WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function jsfuzzer var b = document.createElement"body"; a.appendb; ta.autofocus = true; var iframe = document.createElement"iframe"; b.appendChildiframe; li.appendChilddd; iframe.contentDocument.caretRangeFromPoint; function eventhandler...
WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free
function jsfuzzer var b = document.createElement"body"; a.appendb; ta.autofocus = true; var iframe = document.createElement"iframe"; b.appendChildiframe; li.appendChilddd; iframe.contentDocument.caretRangeFromPoint; function eventhandler ta.insertAdjacentElement"beforeBegin",a; ::operator...
WebKit WebCore::RenderText::localCaretRect Out-Of-Bounds Read
WebKit: out-of-bounds read in WebCore::RenderText::localCaretRect CVE-2017-13785 There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ================================================================= max-height: 0;...
WebKit WebCore::FrameView::scheduleRelayout Use-After-Free(CVE-2017-2514)
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...
Apple WebKit Safari 10.0.3(12602.4.8) - WebCore::FrameView::scheduleRelayout Use-After-Free
Apple WebKit Safari 10.0.3(12602.4.8) - WebCore::FrameView::scheduleRelayout Use-After-Free let f = document.body.appendChilddocument.createElement'iframe'; let g = f.contentDocument.body.appendChilddocument.createElement'iframe'; g.contentWindow.onunload = = g.contentWindow.onunload = null; let h ...
WebKit WebCore::FrameView::scheduleRelayout Use-After-Free
WebKit: UAF in WebCore::FrameView::scheduleRelayout CVE-2017-2514 PoC: let f = document.body.appendChilddocument.createElement'iframe'; let g = f.contentDocument.body.appendChilddocument.createElement'iframe'; g.contentWindow.onunload = = g.contentWindow.onunload = null; let h =...
Chrome Universal XSS using late widget updates (CVE-2017-5006)
VULNERABILITY DETAILS Among the things that Document::shutdown does, |view-dispose| is called: From /thirdparty/WebKit/Source/core/frame/FrameView.cpp: void FrameView::dispose ... // FIXME: Do we need to do something here for OOPI? HTMLFrameOwnerElement ownerElement = mframe-deprecatedLocalOwner;...
CVE-2016-5185
Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal, which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages...
Google Chrome < 54.0.2840.59 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 54.0.2840.59. It is, therefore, affected by multiple vulnerabilities as referenced in the 201610stable-channel-update-for-desktop advisory. - Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. CVE-2016-5194...
CVE-2011-1796
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted...