Lucene search
K

6939 matches found

Debian CVE
Debian CVE
added 2015/02/06 11:0 a.m.43 views

CVE-2015-1210

Removed by vendor...

5CVSS9.4AI score0.01985EPSS
Exploits0
CNVD
CNVD
added 2015/02/06 12:0 a.m.3 views

Microsoft Internet Explorer Same Origin Policy Security Bypass Vulnerability

Internet Explorer is a web browser from Microsoft. A security bypass vulnerability exists in the Microsoft Internet Explorer homology policy, which can be exploited by an attacker to bypass the homology policy and certain access restrictions to access data...

4.3CVSS6.7AI score0.71698EPSS
Exploits5References1
UbuntuCve
UbuntuCve
added 2015/02/06 12:0 a.m.24 views

CVE-2015-1210

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the...

5CVSS7.2AI score0.01985EPSS
Exploits0References6
OSV
OSV
added 2015/02/06 12:0 a.m.3 views

UBUNTU-CVE-2015-1210

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the...

5CVSS7.3AI score0.01985EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2015/02/04 11:55 a.m.24 views

XSS Vulnerability in IE Could Lead to Phishing Attacks

Microsoft is aware of a recently disclosed bug in its latest browser, Internet Explorer 11, and is developing a patch for the issue. The vulnerability, a universal cross-site scripting XSS bug, could be exploited to steal information or inject code into domains on the browser on Windows 7 and 8.1...

5.6AI score
Exploits0References3
The Hacker News
The Hacker News
added 2015/02/04 12:53 a.m.16 views

Microsoft Internet Explorer Universal Cross-Site Scripting Flaw

A serious vulnerability has been discovered in all the latest versions of Microsoft's Internet Explorer that allows malicious hackers to inject malicious code into users' websites and steal cookies, session and login credentials. UNIVERSAL XSS BUG WITH SAME ORIGIN POLICY BYPASS The vulnerability ...

5.8AI score
Exploits0
CNVD
CNVD
added 2015/02/03 12:0 a.m.1 views

Microsoft Internet Explorer Homology Bypass Vulnerability

Internet Explorer is a web browser from Microsoft. Internet Explorer 11 suffers from a same-origin policy bypass vulnerability, which can be exploited by an attacker to bypass the same-origin policy and gain access to the content of other arbitrary web domains, or execute malicious code to be...

7.3AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/02/03 12:0 a.m.5 views

Internet Explorer Same Origin Policy Bypass (CVE-2015-0072)

A same-origin policy bypass vulnerability has been reported in Microsoft Internet Explorer. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a web page. Successful exploitation can result in the disclosure of information about other web pages opened by...

4.3CVSS6AI score0.71698EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/02/02 12:0 a.m.27 views

Internet Explorer 11 Same Origin Bypass

insider3show insider3show function go w=window.frames0; w.setTimeout"alerteval'x=top.frames1;r=confirm\'Close this window after 3...

Exploits0
RedHat Linux
RedHat Linux
added 2015/01/27 6:46 p.m.3 views

chromium-browser: same-origin-bypass in V8

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

4.3CVSS7.5AI score0.02563EPSS
Exploits0References5
CNVD
CNVD
added 2015/01/26 12:0 a.m.2 views

Google Chrome V8 Same Origin Bypass Vulnerability

Google Chrome is a popular WEB browser. A security vulnerability in Google Chrome V8 Harmony proxy allows attackers to bypass the same-origin policy by calling JavaScript code via specially crafted Proxy.create and console.log...

4.3CVSS6.9AI score0.02563EPSS
Exploits0References1
NVD
NVD
added 2015/01/22 10:59 p.m.15 views

CVE-2014-7939

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

4.3CVSS6.3AI score0.02563EPSS
Exploits0References9
Prion
Prion
added 2015/01/22 10:59 p.m.18 views

Design/Logic Flaw

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

4.3CVSS6.8AI score0.02563EPSS
Exploits0References9Affected Software7
UbuntuCve
UbuntuCve
added 2015/01/22 10:59 p.m.25 views

CVE-2014-7939

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

4.3CVSS7.3AI score0.02563EPSS
Exploits0References3
OSV
OSV
added 2015/01/22 10:59 p.m.8 views

UBUNTU-CVE-2014-7939

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

4.3CVSS7.4AI score0.02563EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/01/22 10:0 p.m.36 views

CVE-2014-7939

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...

9.1AI score0.02563EPSS
Exploits0References9
CVE
CVE
added 2015/01/22 10:0 p.m.73 views

CVE-2014-7939

CVE-2014-7939 affects Google Chrome before 40.0.2214.91, where the Harmony proxy in V8 can bypass the Same Origin Policy via crafted JavaScript using Proxy.create and console.log, related to HTTP responses missing X-Content-Type-Options: nosniff. Affected component is Chrome’s V8/Chromium stack; ...

4.3CVSS9AI score0.02563EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2015/01/22 10:0 p.m.23 views

CVE-2014-7939

Removed by vendor...

4.3CVSS9.3AI score0.02563EPSS
Exploits0
FreeBSD
FreeBSD
added 2015/01/21 12:0 a.m.31 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 62 security fixes in this release, including: 430353 High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning. 435880 High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne. 434136 High CVE-2014-7925: Use-after-free in WebAudio. Credit ...

7.5CVSS8.5AI score0.04339EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.44 views

Oracle Solaris Third-Party Patch Update : thunderbird (multiple_vulnerabilities_in_thunderbird3)

The remote Solaris system is missing necessary patches to address security updates : - Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assiste...

10CVSS8.9AI score0.05368EPSS
Exploits4References11
Rows per page
Query Builder