Lucene search
K

206 matches found

Prion
Prion
added 2017/02/17 7:59 a.m.16 views

Type confusion

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS5AI score0.014EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2017/01/27 12:0 a.m.7 views

UBUNTU-CVE-2017-5023

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS6.7AI score0.014EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/01/26 10:2 p.m.4 views

chromium-browser: type confusion in metrics

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page...

4.3CVSS7.4AI score0.014EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.8 views

The vulnerability of the Ruby Colorscore interpreter extension, which allows a hacker to execute arbitrary code.

The vulnerability of the class initialization method Histogram lib/colorscore/histogram.rb in the Ruby Colorscore extension is related to the lack of measures to clean input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using metasymbols in variables like...

10CVSS8.2AI score0.0353EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2016/01/12 12:0 a.m.25 views

Ruby colorscore gem arbitrary code execution vulnerability

Ruby is a cross-platform, object-oriented, dynamically-typed programming language developed by Japanese software developer Yukihiro Matsumoto. colorscore gem is one of the libraries used to distinguish colors. A security vulnerability exists in the 'initialize' method of the Histogram class in th...

10CVSS7.7AI score0.0353EPSS
Exploits0References1
NVD
NVD
added 2016/01/08 9:59 p.m.18 views

CVE-2015-7541

The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the 1 imagepath, 2 colors, or 3 depth variable...

10CVSS9.7AI score0.0353EPSS
Exploits0References3
Rows per page
Query Builder