1830 matches found
CVE-2021-30585
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-30585
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-30585
Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. A use-after-free in the sensor handling component allows an attacker to execute arbitrary code on the host OS...
Chromium: CVE-2021-30585 Use after free in sensor handling
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Google Chrome sensor handling code execution vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sensor handling in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
Microsoft Edge 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in sensor handling in versions of Google Chrome prior to 92.0.4515.107. A remote attacker could use this vulnerability to execute arbitrary code on the system or cause a denial of service condition...
KLA12236 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface, obtain sensitive information, perform cross-site scripting attack. Below is a complete li...
AKCP sensorProbe SPX476 - (Multiple) Cross-Site Scripting Vulnerability
Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting XSS Exploit Author: Tyler Butler Vendor Homepage: https://www.akcp.com/ Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ Advisory:...
AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS)
Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting XSS Date: 07-01-2021 Exploit Author: Tyler Butler Vendor Homepage: https://www.akcp.com/ Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ Advisory:...
Exploit for Cross-site Scripting in Akcp Sensorprobe2_Firmware
CVE-2021-35956. Proof of Concept Exploit for CVE-2021-35956,...
CVE-2021-20107
There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...
Information disclosure
There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...
CVE-2021-20107
There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kinetic effects and information disclosure on the faucets. It is possible to use the Bluetooth Low...
CVE-2021-20107
CVE-2021-20107 describes an unauthenticated BLE interface present in Sloan SmartFaucets (including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers such as SOLIS). The vulnerability allows reading and writing to many BLE characteristics over Bluetooth Low Energy, enabling kinetic effects a...
CVE-2021-35956
Stored cross-site scripting XSS in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email from/to/cc, System Name, and System Location fields...
Cross site scripting
Stored cross-site scripting XSS in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email from/to/cc, System Name, and System Location fields...
AKCP sensorProbe 跨站脚本漏洞
The AKCP sensorProbe is a platform-independent environmental and safety monitoring device from AKCP USA. Simply assign an IP address and connect to the embedded web server. A cross-site scripting vulnerability exists in versions prior to SP480-20210624 of the AKCP sensorProbe Embedded Web Server...
CVE-2021-35047
Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and...
Design/Logic Flaw
Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with user level access to the CLI to inject root level commands into the component and neighboring Fidelis components. The vulnerability is present in Fidelis Network and...