chromium-browser: Use after free in Skia

Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

MiniShare Buffer Error Vulnerability (CNVD-2018-25030)

MiniShare is a file sharing system. A buffer overflow vulnerability exists in MiniShare version 1.4.1. An attacker can exploit this vulnerability by sending a long HTTP POST request to execute arbitrary code...

Google Chrome Blink Buffer Overflow Vulnerability (CNVD-2019-01604)

Google Chrome is a web browser developed by Google Inc. Blink is a browser layout engine rendering engine jointly developed by Google Inc. and Opera Software of Norway. A buffer overflow vulnerability exists in Blink in versions prior to Google Chrome 71.0.3578.80. A remote attacker could exploit...

CVE-2018-6095

Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page...

UBUNTU-CVE-2018-6094

Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

ruby: HTTP response splitting in WEBrick

It was found that WEBrick did not sanitize headers sent back to clients, resulting in a response-splitting vulnerability. An attacker, able to control the server's headers, could force WEBrick into injecting additional headers to a client...

DEBIAN-CVE-2018-12116

Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the path option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to...

nginx: Excessive CPU usage via flaw in HTTP/2 implementation

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngxhttpv2module not compiled by default if the 'http2' option of the 'listen' directive is used in a configuration file...

PHP Denial of Service Vulnerability (CNVD-2019-00335)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A security vulnerability exists in th...

CVE-2018-6083

Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...

CVE-2018-17465

Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...

UBUNTU-CVE-2018-6076

Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page...

CVE-2018-17474

Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-8564

A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka "Microsoft Edge Spoofing Vulnerability." This affects Microsoft Edge...

httpd: DoS for HTTP/2 connections by continuous SETTINGS frames

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol...

The vulnerability of the WLS component – the Web Services server of Oracle WebLogic Server – allows a attacker to disclose sensitive information that is protected by this system.

The vulnerability of the WLS component—the Web Services server of Oracle WebLogic Server—is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information using the HTTP network protocol...

LAOBANCMS Arbitrary PHP Code Execution Vulnerability

Laoban CMS LAOBANCMS content management system is based on PHP + MYSQL environment developed by the old class of open-source website building system . LAOBANCMS 2.0 has an arbitrary PHP code execution vulnerability. Remote attackers can install/ URI through the host parameter to exploit the...

The vulnerability of the Chrome web browser’s angle library, allowing a hacker to execute arbitrary code

The vulnerability of the Chrome web browser’s angle library arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code, cause system failures, or disclose sensitive information through a specially...

DEBIAN-CVE-2018-19206

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of , as demonstrated by an onload attribute in a BODY element, within an HTML attachment...

OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...