9179 matches found

CVE
added 2023/05/02 11:47 p.m. | 168 views

CVE-2023-2467

Google Chrome on Android prior to 113.0.5672.63 is affected by CVE-2023-2467 due to an inappropriate implementation in Prompts, which could allow a remote attacker to bypass permissions restrictions via a crafted HTML page. The impact is a permissions bypass without other code execution details p...

4.3 CVSS | 4.8 AI score | 0.00819 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

CVE
added 2023/05/02 11:47 p.m. | 206 views

CVE-2023-2466

CVE-2023-2466 describes an Inappropriate implementation in Prompts in Google Chrome (Chromium) prior to 113.0.5672.63 that allows a remote attacker to spoof the contents of the security UI via a crafted HTML page. Connected sources confirm Chromium/Chrome prompt-related weaknesses with this CVE a...

4.3 CVSS | 4.7 AI score | 0.00801 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

Debian CVE
added 2023/05/02 11:47 p.m. | 26 views

CVE-2023-2466

Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: Low...

4.3 CVSS | 5.9 AI score | 0.00801 EPSS
Exploits: 0

Cvelist
added 2023/05/02 11:47 p.m. | 21 views

CVE-2023-2463

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

5.3 AI score | 0.00859 EPSS
Exploits: 0 | References: 7

Cvelist
added 2023/05/02 11:47 p.m. | 31 views

CVE-2023-2464

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...

5.5 AI score | 0.00645 EPSS
Exploits: 0 | References: 7

Vulnrichment
added 2023/05/02 11:47 p.m. | 18 views

CVE-2023-2462

Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Chromium security severity: Medium...

5.9 AI score | 0.00801 EPSS
Exploits: 0 | References: 7

CVE
added 2023/05/02 11:47 p.m. | 147 views

CVE-2023-2462

The connected documents confirm CVE-2023-2462 affects Google Chrome/Chromium, tied to an inappropriate implementation in Prompts that allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Impact is described as Medium; affected components relate to Chrome/Chromium promp...

4.3 CVSS | 4.9 AI score | 0.00801 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

Debian CVE
added 2023/05/02 11:47 p.m. | 32 views

CVE-2023-2464

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...

4.3 CVSS | 6.2 AI score | 0.00645 EPSS
Exploits: 0

Debian CVE
added 2023/05/02 11:47 p.m. | 26 views

CVE-2023-2463

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3 CVSS | 5.9 AI score | 0.00859 EPSS
Exploits: 0

CVE
added 2023/05/02 11:47 p.m. | 181 views

CVE-2023-2459

CVE-2023-2459 affects Chromium-based browsers (Google Chrome/Chromium). The vulnerability is an inappropriate implementation in Prompts that allows a remote attacker to bypass permission restrictions through a crafted HTML page. Severity is described as Medium. Technical details across connected ...

6.5 CVSS | 6.3 AI score | 0.00968 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

Cvelist
added 2023/05/02 11:47 p.m. | 24 views

CVE-2023-2459

Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. Chromium security severity: Medium...

6.7 AI score | 0.00968 EPSS
Exploits: 0 | References: 7

Debian CVE
added 2023/05/02 11:47 p.m. | 46 views

CVE-2023-2459

Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5 CVSS | 7.3 AI score | 0.00968 EPSS
Exploits: 0

Debian
added 2023/04/30 8:58 p.m. | 49 views

[SECURITY] [DLA 3408-1] jruby security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3408-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 30, 2023 https://wiki.debian.org/LTS -...

8.1 CVSS | 8.4 AI score | 0.0576 EPSS
Exploits: 3

Fedora
added 2023/04/28 2:37 a.m. | 57 views

[SECURITY] Fedora 38 Update: php-laminas-diactoros2-2.25.2-1.fc38

A PHP package containing implementations of the accepted PSR-7 HTTP message interfaces 1, as well as a "server" implementation similar to node's http.Server 2. Documentation: https://docs.laminas.dev/laminas-diactoros/ Autoloader: /usr/share/php/Laminas/Diactoros2/autoload.php 1...

7.5 CVSS | 6.5 AI score | 0.00965 EPSS
Exploits: 0

Code423n4
added 2023/04/28 12:0 a.m. | 9 views

Incorrect implementation of RecordParser.readKeyValue()

Lines of code Vulnerability details Impact RecordParser.readKeyValue returns a wrong value if the terminator not found. This is a fundamental library and any contract using it may experience unexpected errors and problems due to this bug. Proof of Concept The implementation logic of...

6.9 AI score
Exploits: 0

Code423n4
added 2023/04/28 12:0 a.m. | 8 views

Incorrect implementation of RRUtils.serialNumberGte

Lines of code Vulnerability details Impact Comparing serial numbers should follow RFC1982 due to the possibility of numbers wrapping around. RRUtils.serialNumberGte tried to follow the RFC but failed to do so, leading to incorrect results in comparison. Proof of Concept For a serial number i1 to ...

6.7 AI score
Exploits: 0

Rockylinux
added 2023/04/26 3:28 p.m. | 12 views

.NET 7.0 bugfix update

An update is available for dotnet7.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

6.5 AI score
Exploits: 0

Rockylinux
added 2023/04/26 3:28 p.m. | 16 views

.NET 6.0 bug fix update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

6.5 AI score
Exploits: 0

OSV
added 2023/04/25 1:25 p.m. | 9 views

USN-6040-1 linux-hwe-5.15 vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 It was discovered that the OverlayFS...

7.8 CVSS | 7.1 AI score | 0.0788 EPSS
Exploits: 15 | References: 11

OSV
added 2023/04/24 7:34 p.m. | 31 views

CVE-2023-29530 Laminas Diactoros vulnerable to HTTP Multiline Header Termination

Laminas Diactoros provides PSR HTTP Message implementations. In versions 2.18.0 and prior, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, and 2.25.0, users who create HTTP requests or responses using laminas/laminas-diactoros, when providing a newline at the start or end of a header key or value...

7.5 CVSS | 6.4 AI score | 0.00965 EPSS
Exploits: 0 | References: 5