Lucene search
K

180 matches found

CNNVD
CNNVD
added 2021/04/27 12:0 a.m.4 views

Recruit Hot Pepper Gourmet App 访问控制错误漏洞

Recruit Hot Pepper Gourmet App is a mobile application. A restaurant navigation software An Access Control Error vulnerability exists in Hot Pepper Gourmet App for Android, which stems from improper access restrictions. The following products and versions are affected: Hot Pepper Gourmet App for...

4.3CVSS5.1AI score0.00869EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/01/22 7:1 p.m.45 views

CVE-2020-12511 Pepper+Fuchs Comtrol IO-Link Master Cross-Site Request Forgery

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery CSRF in the web interface...

8.8CVSS8.8AI score0.00568EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/01/22 7:1 p.m.24 views

CVE-2020-12514 Pepper+Fuchs Comtrol IO-Link Master NULL Pointer Dereference

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd...

6.6CVSS6.5AI score0.01013EPSS
Exploits1References1
OSV
OSV
added 2021/01/08 7:15 p.m.1 views

DEBIAN-CVE-2020-16014

Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.4AI score0.0099EPSS
Exploits0References1
OSV
OSV
added 2021/01/08 7:15 p.m.3 views

UBUNTU-CVE-2020-16014

Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS7.3AI score0.0099EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/12/11 12:0 a.m.5 views

The vulnerability of the PPAPI implementation in the Google Chrome web browser allows a hacker to execute arbitrary code.

The vulnerability of the PPAPI implementation in the Google Chrome web browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.3CVSS8.1AI score0.0099EPSS
Exploits0References13Affected Software6
CNNVD
CNNVD
added 2020/11/18 12:0 a.m.9 views

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in versions prior to Google chrome 87.0.4280.66, which originates from PPAPI...

9.6CVSS7.3AI score0.0099EPSS
Exploits0References7
Openbugbounty
Openbugbounty
added 2018/05/12 4:44 p.m.9 views

agriwatch.com XSS vulnerability

Open Bug Bounty ID: OBB-615746 Description| Value ---|--- Affected Website:| agriwatch.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2018/03/09 9:1 a.m.11 views

Vulnerability in Robots Can Lead To Costly Ransomware Attacks

CANCUN, Mexico – A vulnerability in Softbank Robotics’ NAO and Pepper robots can lead to costly ransomware attacks that could cause robots deployed in businesses to stop working, curse at customers, or even perform violent movements. The vulnerability was disclosed at Kaspersky Lab’s Security...

0.7AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/12/21 12:0 a.m.7 views

The vulnerability in the PPAPI implementation of the Google Chrome browser allows a hacker to escape from an isolated environment.

The vulnerability of the PPAPI implementation in Google Chrome exists due to insufficient input validation in PPAPI modules. Exploiting this vulnerability allows a malicious actor to escape from an isolated environment using a specially crafted HTML page...

8.8CVSS7.6AI score0.01427EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 2017/07/31 2:32 p.m.12 views

chromium-browser: out-of-bounds write in ppapi

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page...

8.8CVSS7.4AI score0.01474EPSS
Exploits0References5
seebug.org
seebug.org
added 2017/04/24 12:0 a.m.30 views

Chrome Universal XSS via the interception of |Binding| with Object.prototype.create (CVE-2016-1674)

VULNERABILITY DETAILS The fix for the issue 590118 is insufficient to protect against the bindings interception. While they can't be accessed by triggering accessors on the |modules| object anymore, it's still possible to trap the set operation for |Binding. create| using the Object. prototype...

6.8CVSS8.7AI score0.01645EPSS
Exploits1
seebug.org
seebug.org
added 2017/04/24 12:0 a.m.37 views

Chrome Universal XSS using a FrameNavigationDisabler bypass (CVE-2016-1673)

VULNERABILITY DETAILS When a top-level navigation is triggered on a frame displaying the initial empty document, FrameLoader::load is invoked directly: void LocalFrame::navigateDocument& originDocument, const KURL& url, bool replaceCurrentItem, UserGestureStatus userGestureStatus ... if isMainFra...

6.8CVSS8.5AI score0.01593EPSS
Exploits1
seebug.org
seebug.org
added 2017/04/24 12:0 a.m.48 views

Chrome Universal XSS using widget updates in ContainerNode::parserRemoveChild (CVE-2016-1630)

VULNERABILITY DETAILS There are 3 methods where ContainerNode::removeBetween is invoked: 1. ContainerNode::removeChild 2. ContainerNode::parserRemoveChild 3. ContainerNode::removeChildren The calls in 1 and 3 are within the scope of HTMLFrameOwnerElement::UpdateSuspendScope, but 2 is unprotected...

6.8CVSS9AI score0.01068EPSS
Exploits1
seebug.org
seebug.org
added 2017/04/24 12:0 a.m.28 views

Chrome Universal XSS using a flaw in the load deferral logic

VULNERABILITY DETAILS This is a regression from https://crrev.com/f92a1f3b9 . Previously, ResourceLoader::start bailed out if ResourceLoader::mdefersLoading was true. Now, it calls setDefersLoading on the associated WebURLLoader instead: void ResourceLoader::startResourceRequest& request...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2017/04/21 12:0 a.m.48 views

Chrome Universal XSS using late widget updates (CVE-2017-5006)

VULNERABILITY DETAILS Among the things that Document::shutdown does, |view-dispose| is called: From /thirdparty/WebKit/Source/core/frame/FrameView.cpp: void FrameView::dispose ... // FIXME: Do we need to do something here for OOPI? HTMLFrameOwnerElement ownerElement = mframe-deprecatedLocalOwner;...

4.3CVSS7.4AI score0.01231EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2016/09/22 12:0 a.m.47 views

Fedora 24 : wordpress (2016-a8657278bf)

See upstream announcements : - WordPress 4.6 Pepper - WordPress 4.6.1 Security and Maintenance Release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as muc...

7.1CVSS6.2AI score0.38445EPSS
Exploits6References3
BDU FSTEC
BDU FSTEC
added 2016/09/07 12:0 a.m.6 views

The vulnerability of Google Chrome browser allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability in the PPAPI implementation of the Google Chrome browser is related to the lack of verification for the source of IPC messages for the plugin process management system. Exploiting this vulnerability allows a malicious actor to bypass the sandboxing mechanism by sending messages...

9.3CVSS7.7AI score0.0246EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2016/08/04 12:0 a.m.78 views

Debian Security Advisory DSA 3637-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1704 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1705 The chrome development team found and fixed various issues during internal auditing. CVE-2016-1706 Pinkie Pie...

9.3CVSS0.5AI score0.0246EPSS
Exploits2References1
Debian
Debian
added 2016/07/31 9:8 p.m.44 views

[SECURITY] [DSA 3637-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3637-1 [email protected] https://www.debian.org/security/ Michael Gilbert July 31, 2016 https://www.debian.org/security/faq -...

9.3CVSS0.3AI score0.0246EPSS
Exploits2
Rows per page
Query Builder