Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6884 matches found

Prion
Prionadded 2020/11/03 3:15 a.m.28 views

Code injection

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension...

4.3CVSS6.5AI score0.01016EPSS
Exploits0References7Affected Software4
UbuntuCve
UbuntuCveadded 2020/11/03 3:15 a.m.25 views

CVE-2020-15973

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension...

6.5CVSS6.9AI score0.01016EPSS
Exploits0References1
Prion
Prionadded 2020/11/03 3:15 a.m.15 views

Spoofing

Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

6.8CVSS7.7AI score0.01397EPSS
Exploits1References8Affected Software4
OSV
OSVadded 2020/11/03 3:15 a.m.1 views

UBUNTU-CVE-2020-15992

Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

8.8CVSS7.3AI score0.01397EPSS
Exploits1References2
OSV
OSVadded 2020/11/03 3:15 a.m.2 views

UBUNTU-CVE-2020-15973

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension...

6.5CVSS6.6AI score0.01016EPSS
Exploits0References2
Cvelist
Cvelistadded 2020/11/03 2:21 a.m.17 views

CVE-2020-15992

Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

7.8AI score0.01397EPSS
Exploits1References8
CVE
CVEadded 2020/11/03 2:21 a.m.183 views

CVE-2020-15992

CVE-2020-15992 affects Chromium-based browsers (Chromium/Google Chrome) before 86.0.4240.75, specifically the networking component. A remote attacker who already gained renderer-process access could bypass the same-origin policy via a crafted HTML page, with impacts including potential informatio...

8.8CVSS7.7AI score0.01397EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVEadded 2020/11/03 2:21 a.m.25 views

CVE-2020-15992

Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

8.8CVSS8.6AI score0.01397EPSS
Exploits1
Cvelist
Cvelistadded 2020/11/03 2:21 a.m.23 views

CVE-2020-15973

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension...

6.6AI score0.01016EPSS
Exploits0References7
CVE
CVEadded 2020/11/03 2:21 a.m.188 views

CVE-2020-15973

CVE-2020-15973: Insufficient policy enforcement in the extensions component of Google Chrome (Chromium) prior to 86.0.4240.75 allowed an attacker, by convincing a user to install a malicious extension, to bypass the same-origin policy. Public advisories (Debian, FreeBSD, Arch Linux) confirm the i...

6.5CVSS6.4AI score0.01016EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVEadded 2020/11/03 2:21 a.m.24 views

CVE-2020-15973

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension...

6.5CVSS7.4AI score0.01016EPSS
Exploits0
OSV
OSVadded 2020/10/16 5:15 p.m.2 views

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

7.5CVSS7.1AI score0.01443EPSS
Exploits0References2
NVD
NVDadded 2020/10/16 5:15 p.m.18 views

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

7.5CVSS0.01443EPSS
Exploits0References2
Prion
Prionadded 2020/10/16 5:15 p.m.13 views

Design/Logic Flaw

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

5CVSS7AI score0.01443EPSS
Exploits0References2Affected Software3
CVE
CVEadded 2020/10/16 4:44 p.m.71 views

CVE-2020-9911

CVE-2020-9911 is a logic issue in Safari Reader mode that could allow a remote attacker to bypass the Same Origin Policy. Apple fixes indicate the issue is addressed in iOS 13.6, iPadOS 13.6, and Safari 13.1.2. The initial description confirms a Same Origin bypass risk in Safari Reader; connected...

7.5CVSS7.2AI score0.01443EPSS
Exploits0References2Affected Software3
Cvelist
Cvelistadded 2020/10/16 4:44 p.m.20 views

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

7.4AI score0.01443EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2020/10/16 12:0 a.m.2 views

PT-2020-20858 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 Safari versions prior to 13.1.2 Description: A logic issue was addressed with improved restrictions. The issue may allow a remote attacker to bypass the Same Origin Policy in Safari...

7.5CVSS6.9AI score0.01443EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2020/10/13 8:22 a.m.2 views

chromium-browser: Insufficient policy enforcement in networking

Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

8.8CVSS7.4AI score0.01397EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2020/10/13 8:22 a.m.2 views

chromium-browser: Insufficient policy enforcement in extensions

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension...

6.5CVSS7.3AI score0.01016EPSS
Exploits0References5
Snyk
Snykadded 2020/10/08 7:49 a.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS. When an application is running in development mode, and attacker can send or embed in another page a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local...

7.7CVSS5.4AI score0.70717EPSS
Exploits1References2
Rows per page
Query Builder