Lucene search
K

1830 matches found

Cvelist
Cvelist
added 2021/08/03 7:41 p.m.15 views

CVE-2021-30585

Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.4AI score0.01359EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2021/08/03 7:41 p.m.25 views

CVE-2021-30585

Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.6AI score0.01359EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/08/03 7:41 p.m.49 views

CVE-2021-30585

Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.3AI score0.01359EPSS
Exploits0
Veracode
Veracode
added 2021/07/24 4:9 a.m.6 views

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. A use-after-free in the sensor handling component allows an attacker to execute arbitrary code on the host OS...

8.8CVSS7.7AI score0.01359EPSS
Exploits0References9Affected Software3
Microsoft CVE
Microsoft CVE
added 2021/07/22 7:0 a.m.28 views

Chromium: CVE-2021-30585 Use after free in sensor handling

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.8AI score0.01359EPSS
Exploits0
CNVD
CNVD
added 2021/07/21 12:0 a.m.20 views

Google Chrome sensor handling code execution vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sensor handling in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...

8.8CVSS6.3AI score0.01359EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.3 views

Microsoft Edge 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sensor handling in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...

8.8CVSS6.3AI score0.01359EPSS
Exploits0References14
Kaspersky
Kaspersky
added 2021/07/20 12:0 a.m.325 views

KLA12236 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface, obtain sensitive information, perform cross-site scripting attack. Below is a complete li...

9.6CVSS10AI score0.06282EPSS
Exploits28References4
0day.today
0day.today
added 2021/07/02 12:0 a.m.137 views

AKCP sensorProbe SPX476 - (Multiple) Cross-Site Scripting Vulnerability

Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting XSS Exploit Author: Tyler Butler Vendor Homepage: https://www.akcp.com/ Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ Advisory:...

5.4CVSS5.6AI score0.0323EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.358 views

AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)

Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting XSS Date: 07-01-2021 Exploit Author: Tyler Butler Vendor Homepage: https://www.akcp.com/ Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ Advisory:...

5.4CVSS5.5AI score0.0323EPSS
Exploits5
GithubExploit
GithubExploit
added 2021/07/01 12:44 p.m.156 views

Exploit for Cross-site Scripting in Akcp Sensorprobe2_Firmware

CVE-2021-35956. Proof of Concept Exploit for CVE-2021-35956,...

5.4CVSS4.9AI score0.0323EPSS
Exploits5
NVD
NVD
added 2021/06/30 2:15 p.m.17 views

CVE-2021-20107

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...

5.4CVSS0.00543EPSS
Exploits1References1
Prion
Prion
added 2021/06/30 2:15 p.m.16 views

Information disclosure

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...

4.8CVSS5.4AI score0.00543EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/06/30 1:21 p.m.24 views

CVE-2021-20107

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...

5.7AI score0.00543EPSS
Exploits1References1
CVE
CVE
added 2021/06/30 1:21 p.m.51 views

CVE-2021-20107

CVE-2021-20107 describes an unauthenticated BLE interface present in Sloan SmartFaucets (including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers such as SOLIS). The vulnerability allows reading and writing to many BLE characteristics over Bluetooth Low Energy, enabling kinetic effects a...

5.4CVSS5.3AI score0.00543EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2021/06/30 12:15 p.m.4 views

CVE-2021-35956

Stored cross-site scripting XSS in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email from/to/cc, System Name, and System Location fields...

5.4CVSS6.1AI score0.0323EPSS
Exploits5References4
Prion
Prion
added 2021/06/30 12:15 p.m.13 views

Cross site scripting

Stored cross-site scripting XSS in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email from/to/cc, System Name, and System Location fields...

3.5CVSS5AI score0.0323EPSS
Exploits5References4Affected Software5
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.4 views

AKCP sensorProbe 跨站脚本漏洞

The AKCP sensorProbe is a platform-independent environmental and safety monitoring device from AKCP USA. Simply assign an IP address and connect to the embedded web server. A cross-site scripting vulnerability exists in versions prior to SP480-20210624 of the AKCP sensorProbe Embedded Web Server...

5.4CVSS5.4AI score0.0323EPSS
Exploits5References6
OSV
OSV
added 2021/06/25 12:15 p.m.2 views

CVE-2021-35047

Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and...

8.8CVSS7.3AI score
Exploits0References2
Prion
Prion
added 2021/06/25 12:15 p.m.10 views

Design/Logic Flaw

Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and...

9CVSS8.5AI score0.01638EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder