Lucene search
K

6926 matches found

CNVD
CNVD
added 2015/05/08 12:0 a.m.2 views

Apple Safari WebKit bypasses same-origin policy vulnerability (CNVD-2015-02944)

WebKit is the open source web browser engine currently used by Safari, Chrome and other browsers. Apple Safari before 6.2.6, 7.1.6 before 7.x,8.0.6 before 8.x versions using WebKit's page-loading implementation suffers from a bypassing the same-origin policy vulnerability that stems from its...

4.3CVSS6.4AI score0.01625EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/05/08 12:0 a.m.23 views

CVE-2015-1155

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...

7.9AI score0.10946EPSS
Exploits2References9
CVE
CVE
added 2015/05/08 12:0 a.m.69 views

CVE-2015-1155

CVE-2015-1155 - WebKit history implementation flaw allows remote attackers to bypass Same Origin Policy and read arbitrary files via a crafted site. Affected: WebKit used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6. Remediation: apply the vendor patches that fix the histo...

4.3CVSS7.7AI score0.10946EPSS
Exploits2References9Affected Software1
UbuntuCve
UbuntuCve
added 2015/05/07 12:0 a.m.18 views

CVE-2015-1155

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...

4.3CVSS7.3AI score0.10946EPSS
Exploits2References4
OSV
OSV
added 2015/05/07 12:0 a.m.8 views

UBUNTU-CVE-2015-1155

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site...

4.3CVSS7.3AI score0.10946EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2015/04/29 12:0 a.m.26 views

Mozilla Firefox < 37.0 Multiple Vulnerabilities

Binary data 8742.prm...

7.5CVSS9.6AI score0.67465EPSS
Exploits4References27
Tenable Nessus
Tenable Nessus
added 2015/04/29 12:0 a.m.33 views

Debian DSA-3238-1 : chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. - CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. - CVE-2015-1237 Khalil Zhani discovered a use-after-fr...

7.5CVSS8.7AI score0.02702EPSS
Exploits3References34
OpenVAS
OpenVAS
added 2015/04/28 12:0 a.m.38 views

Ubuntu: Security Advisory (USN-2570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.02702EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.39 views

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2570-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2570-1 advisory. An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially...

7.5CVSS9.1AI score0.02702EPSS
Exploits1References13
Ubuntu
Ubuntu
added 2015/04/27 4:13 p.m.75 views

USN-2570-1: Oxide vulnerabilities

An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2015-1235 An issue was discovered in the Web Audio API implementation in Blink. If a user were...

7.5CVSS9AI score0.02702EPSS
Exploits1
OSV
OSV
added 2015/04/27 4:13 p.m.3 views

USN-2570-1 oxide-qt vulnerabilities

An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2015-1235 An issue was discovered in the Web Audio API implementation in Blink. If a user were...

7.5CVSS7.7AI score0.02702EPSS
Exploits1References13
Debian
Debian
added 2015/04/27 2:41 a.m.44 views

[SECURITY] [DSA 3238-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...

7.5CVSS0.5AI score0.02702EPSS
Exploits3
OpenVAS
OpenVAS
added 2015/04/26 12:0 a.m.32 views

Debian Security Advisory DSA 3238-1 (chromium-browser - security update)

Several vulnerabilities were discovered in the chromium web browser. CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. CVE-2015-1237 Khalil Zhani discovered a use-after-free iss...

7.5CVSS0.3AI score0.02702EPSS
Exploits3References1
OSV
OSV
added 2015/04/26 12:0 a.m.33 views

DSA-3238-1 chromium-browser - security update

Bulletin has no description...

7.5CVSS8.1AI score0.02702EPSS
Exploits3
OpenVAS
OpenVAS
added 2015/04/25 12:0 a.m.28 views

Debian: Security Advisory (DSA-3238-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02702EPSS
Exploits3References3
WPVulnDB
WPVulnDB
added 2015/04/21 12:0 a.m.31 views

WordPress 3.9-4.1.1 - Same-Origin Method Execution

...

4.3CVSS1.8AI score0.06044EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2015/04/20 12:0 a.m.2 views

Google Chrome Same Origin Policy Bypass Vulnerability (CNVD-2015-02620)

Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in the 'ContainerNode::parserRemoveChild' function in the core/dom/ContainerNode.cpp file in the Blink's HTML parser used in Google Chrome versions prior to 42.0.2311.90. ' function in the...

5CVSS6.7AI score0.01648EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/20 12:0 a.m.2 views

Google Chrome Blink Same Origin Policy Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. The Web Audio API implementation of Blink used in Google Chrome versions prior to 42.0.2311.90 has a security vulnerability in the modules/webaudio/MediaElementAudioSourceNode.cpp file in the ' MediaElementAudioSourceNode::process' functio...

4.3CVSS6.3AI score0.01507EPSS
Exploits0References1
myhack58
myhack58
added 2015/04/20 12:0 a.m.12 views

Privacy killer: the Flash permissions reflection-vulnerability warning-the black bar safety net

0x00 Preface Always thought the risk has long been valued, but recently accidentally found, there are still many sites the presence of the defects, which are some of the commonly used email, social networking sites, so it is necessary then to explore it again. In fact, this is not what...

6.6AI score
Exploits0
NVD
NVD
added 2015/04/19 10:59 a.m.17 views

CVE-2015-1236

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

4.3CVSS5.8AI score0.01507EPSS
Exploits0References10
Rows per page
Query Builder