Lucene search
K

6926 matches found

Prion
Prion
added 2015/04/19 10:59 a.m.14 views

Design/Logic Flaw

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

5CVSS6.3AI score0.01648EPSS
Exploits0References10Affected Software3
NVD
NVD
added 2015/04/19 10:59 a.m.16 views

CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

5CVSS5.7AI score0.01648EPSS
Exploits0References10
Prion
Prion
added 2015/04/19 10:59 a.m.22 views

Design/Logic Flaw

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

4.3CVSS6.3AI score0.01507EPSS
Exploits0References10Affected Software3
CVE
CVE
added 2015/04/19 10:0 a.m.89 views

CVE-2015-1235

CVE-2015-1235 affects the Blink HTML parser: ContainerNode::parserRemoveChild in core/dom/ContainerNode.cpp allows a Same Origin Policy bypass via a crafted HTML document with an IFRAME in Chrome before 42.0.2311.90. The vulnerability stems from the HTML parser logic in Blink, enabling cross-orig...

5CVSS5.8AI score0.01648EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2015/04/19 10:0 a.m.89 views

CVE-2015-1236

The CVE-2015-1236 entry refers to a Chrome/Blink vulnerability in the Web Audio API: MediaElementAudioSourceNode::process in Blink’s Web Audio implementation allows a remote site with a media element to bypass Same Origin Policy and access sensitive audio samples. Impact data from the sources con...

4.3CVSS5.9AI score0.01507EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2015/04/19 10:0 a.m.28 views

CVE-2015-1236

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

5.7AI score0.01507EPSS
Exploits0References10
Cvelist
Cvelist
added 2015/04/19 10:0 a.m.19 views

CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

5.6AI score0.01648EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2015/04/19 10:0 a.m.18 views

CVE-2015-1235

Removed by vendor...

5CVSS9.4AI score0.01648EPSS
Exploits0
Debian CVE
Debian CVE
added 2015/04/19 10:0 a.m.27 views

CVE-2015-1236

Removed by vendor...

4.3CVSS9.6AI score0.01507EPSS
Exploits0
OSV
OSV
added 2015/04/19 12:0 a.m.3 views

UBUNTU-CVE-2015-1236

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

4.3CVSS7.4AI score0.01507EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2015/04/19 12:0 a.m.25 views

CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

5CVSS7.2AI score0.01648EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2015/04/19 12:0 a.m.21 views

CVE-2015-1236

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

4.3CVSS7.3AI score0.01507EPSS
Exploits0References5
OSV
OSV
added 2015/04/19 12:0 a.m.1 views

UBUNTU-CVE-2015-1235

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element...

5CVSS7.3AI score0.01648EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2015/04/16 8:33 a.m.3 views

chromium-browser: Cross-origin-bypass in Blink

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

4.3CVSS7.3AI score0.01507EPSS
Exploits0References5
CNVD
CNVD
added 2015/04/16 12:0 a.m.4 views

Microsoft Windows MSXML3 Same Origin Policy SFB Vulnerability

Microsoft XML Core Services MSXML is a set of services that can be used to build XML-based Windows-native applications written in JScript, VBScript, and Microsoft development tools. A same-origin policy security feature bypass vulnerability exists in Microsoft XML Core Services MSXML. This...

4.3CVSS6.6AI score0.16975EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/04/15 12:0 a.m.24 views

Microsoft Windows XML Core Services Security Feature Bypass Vulnerability (3046482)

This host is missing an important security update according to Microsoft Bulletin MS15-039. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5AI score0.16975EPSS
Exploits0References2
NVD
NVD
added 2015/04/14 8:59 p.m.23 views

CVE-2015-1646

Microsoft XML Core Services aka MSXML 3.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted DTD, aka "MSXML3 Same Origin Policy SFB Vulnerability."...

4.3CVSS6AI score0.16975EPSS
Exploits0References2
Prion
Prion
added 2015/04/14 8:59 p.m.20 views

Design/Logic Flaw

Microsoft XML Core Services aka MSXML 3.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted DTD, aka "MSXML3 Same Origin Policy SFB Vulnerability."...

4.3CVSS6.5AI score0.16975EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2015/04/14 8:0 p.m.72 views

CVE-2015-1646

CVE-2015-1646 affects Microsoft XML Core Services (MSXML) 3.0. The vulnerability is a same-origin policy security bypass in MSXML3 that can allow remote attackers to obtain sensitive information via a crafted DTD. Multiple sources (NVD entry and vulnerability repositories) describe the issue and ...

4.3CVSS6.1AI score0.16975EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/04/14 8:0 p.m.31 views

CVE-2015-1646

Microsoft XML Core Services aka MSXML 3.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted DTD, aka "MSXML3 Same Origin Policy SFB Vulnerability."...

6AI score0.16975EPSS
Exploits0References2
Rows per page
Query Builder