Lucene search
K

132 matches found

OSV
OSV
•added 2019/06/27 5:15 p.m.•2 views

DEBIAN-CVE-2019-5833

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...

4.3CVSS8.5AI score0.00994EPSS
Exploits0References1
OSV
OSV
•added 2019/06/27 5:15 p.m.•4 views

UBUNTU-CVE-2019-5833

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...

6.5CVSS6.8AI score0.00994EPSS
Exploits0References3
Cvelist
Cvelist
•added 2019/06/27 4:13 p.m.•20 views

CVE-2019-5833

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...

5.1AI score0.00994EPSS
Exploits0References8
Debian CVE
Debian CVE
•added 2019/06/27 4:13 p.m.•23 views

CVE-2019-5833

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...

4.3CVSS6AI score0.00994EPSS
Exploits0
RedHat Linux
RedHat Linux
•added 2019/06/17 7:38 a.m.•4 views

chromium-browser: Inconsistent security UI placement

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...

4.3CVSS7.4AI score0.00994EPSS
Exploits0References5
RedhatCVE
RedhatCVE
•added 2019/06/07 11:56 a.m.•27 views

CVE-2019-5833

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page...

6.5CVSS2.8AI score0.00994EPSS
Exploits0References4
Veracode
Veracode
•added 2019/05/17 5:24 a.m.•13 views

Remote Code Execution

Microsoft ChakraCore is susceptible to remote code execution. During reparsing of coroutines, it does not maintain the same scoping number for coroutines, causing the register with yield data to change...

7.5CVSS7.9AI score0.09215EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
•added 2019/04/03 8:27 p.m.•16 views

CVE-2015-5462

AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features...

6.2AI score0.0103EPSS
Exploits0References1
NVD
NVD
•added 2018/05/01 1:29 p.m.•19 views

CVE-2018-10581

In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated Team scoping. This occurs in situations where this authenticated user also belongs to multiple...

5.5CVSS5.4AI score0.00742EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
•added 2018/03/27 3:29 a.m.•2 views

CVE-2018-9039

In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. In other words, they can see machines beyond their team's scoped environments...

6.5CVSS5.5AI score0.01045EPSS
Exploits1References3
CVE
CVE
•added 2018/03/27 3:0 a.m.•40 views

CVE-2018-9039

CVE-2018-9039 affects Octopus Deploy 2.0 and later up to (but not including) 2018.3.7, where an authenticated user with variable-edit permissions can scope some variables to targets beyond their allowed permissions and see machines outside their team’s scoped environments. Root cause: insufficien...

6.5CVSS6.3AI score0.01045EPSS
Exploits1References2Affected Software1
OSV
OSV
•added 2018/01/03 9:29 a.m.•4 views

CVE-2018-4862

In Octopus Deploy versions 3.2.11 - 4.1.5 fixed in 4.1.6, an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges...

8.8CVSS5.8AI score0.01084EPSS
Exploits0References1
NVD
NVD
•added 2018/01/03 9:29 a.m.•13 views

CVE-2018-4862

In Octopus Deploy versions 3.2.11 - 4.1.5 fixed in 4.1.6, an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges...

8.8CVSS8.8AI score0.01084EPSS
Exploits0References1
Cvelist
Cvelist
•added 2018/01/03 9:0 a.m.•21 views

CVE-2018-4862

In Octopus Deploy versions 3.2.11 - 4.1.5 fixed in 4.1.6, an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges...

8.8AI score0.01084EPSS
Exploits0References1
The Coalfire Blog
The Coalfire Blog
•added 2016/12/30 1:30 p.m.•15 views

New PCI DSS Scoping Guidance Corroborates Coalfire’s Approach

On Friday, December 6th 2016, the PCI Security Standards Council released their formal information supplement titled, Guidance for PCI DSS Scoping and Network Segmentation. This particular information supplement has been eagerly anticipated in the PCI DSS industry for several years. The document...

2.5AI score
Exploits0
Debian
Debian
•added 2015/09/03 10:10 p.m.•40 views

[SECURITY] [DSA 3351-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3351-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 03, 2015 https://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.0224EPSS
Exploits2
Debian
Debian
•added 2015/09/03 10:10 p.m.•35 views

[SECURITY] [DSA 3351-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3351-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 03, 2015 https://www.debian.org/security/faq -...

7.5CVSS0.8AI score0.0224EPSS
Exploits2
OpenVAS
OpenVAS
•added 2015/09/03 12:0 a.m.•45 views

Debian Security Advisory DSA 3351-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1291 A cross-origin bypass issue was discovered in DOM. CVE-2015-1292 Mariusz Mlynski discovered a cross-origin bypass issue in ServiceWorker. CVE-2015-1293 Mariusz Mlynski discovered a cross-origin bypass issue in...

7.5CVSS0.4AI score0.0224EPSS
Exploits2References1
OSV
OSV
•added 2015/09/03 12:0 a.m.•47 views

DSA-3351-1 chromium-browser - security update

Bulletin has no description...

7.5CVSS9.2AI score0.0224EPSS
Exploits2
OpenVAS
OpenVAS
•added 2015/09/02 12:0 a.m.•36 views

Debian: Security Advisory (DSA-3351-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.1AI score0.0224EPSS
Exploits2References3
Rows per page
Query Builder