8414 matches found
Cheetah Mobile CM Browser Security Bypass Vulnerability
Cheetah Mobile CM Browser is a web browser from Cheetah Mobile, a Chinese company. A security bypass vulnerability exists in Cheetah Mobile CM Browser version 5.22.06.0012. An attacker could exploit this vulnerability to bypass the same-origin policy...
CVE-2018-5327
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
CVE-2018-5326
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
CVE-2018-5326
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
CVE-2018-5327
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
Code injection
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
Design/Logic Flaw
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
CVE-2018-5327
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
CVE-2018-5326
CVE-2018-5326 affects Cheetah Mobile CM Browser 5.22.06.0012 on older Android platforms, described as a Same Origin Policy bypass . External documents confirm the vulnerability exists in this specific version, enabling cross-origin policy circumvention. The CVSS data provided indicates a network-...
CVE-2018-5327
CVE-2018-5327 affects Cheetah Mobile Armorfly Browser & Downloader (version 1.1.05.0010) on older Android platforms, where a flaw allows bypass of the Same-Origin Policy. The connected CNVD/NVD records describe a security bypass vulnerability enabling cross-origin access, but do not specify exact...
CVE-2018-5326
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3530-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3530-1 advisory. It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be...
CVE-2017-18016
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine reusing the current website's token, which is not bound to an origin...
CVE-2017-18016
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine reusing the current website's token, which is not bound to an origin...
Design/Logic Flaw
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine reusing the current website's token, which is not bound to an origin...
CVE-2017-18016
Parity Browser 1.6.10 and earlier is vulnerable to a Same Origin Policy bypass via its web proxy engine, which reuses the current site’s token not bound to an origin. An attacker could remotely obtain sensitive information by requesting other sites through the proxy. Affected component: Parity Br...
CVE-2017-18016
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine reusing the current website's token, which is not bound to an origin...
USN-3530-1 webkit2gtk vulnerabilities
It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially...
Parity Browser < 1.6.10 - Bypass Same Origin Policy Vulnerability
Exploit for multiple platform in category local exploits VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 Version: 0.3 Date: Jun 16th, 2017 Tag: parity same origin policy bypass webproxy token reuse Overview -------- Name: parity Vendor: paritytech...
Parity Browser < 1.6.10 - Bypass Same Origin Policy
VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 Version: 0.3 Date: Jun 16th, 2017 Tag: parity same origin policy bypass webproxy token reuse Overview -------- Name: parity Vendor: paritytech References: https://parity.io/ 1 Version: 1.6.8 Latest Version...