26 matches found
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Video component allowing for post-release reuse of objects, which could enable a remote attacker to execute arbitrary...
Google Chrome Out-of-Bounds Read Vulnerability (CNVD-2026-15402)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause an out-of-bounds memory read to be performed via a specially crafted HTML page...
CVE-2021-20751
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...
The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.
The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created web page...
The vulnerability of Google Chrome browser-based PDF processing components allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Google Chrome browser-based PDF processors relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through a specially crafted HTML page...
The vulnerability of the Performance Manager component in the Google Chrome browser allows a hacker to execute arbitrary code.
The vulnerability of the Performance Manager component in Google Chrome browser relates to the use of memory after it is released. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created web page...
EC-CUBE Cross-site scripting vulnerability
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...
GHSA-R6QQ-QC9M-98W2 EC-CUBE Cross-site scripting vulnerability
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...
EC-CUBE Cross-site scripting vulnerability
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 3.0.18-p2 EC-CUBE 3 series and EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...
The vulnerability of the WebView component for displaying web pages in Google Chrome allows attackers to circumvent existing security restrictions.
The vulnerability of the WebView component of Google Chrome’s browser involves errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and...
CVE-2021-20783
Cross-site request forgery CSRF vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page...
CVE-2021-20783
Cross-site request forgery CSRF vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page...
CVE-2021-20751
Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...
Cross site scripting
Cross-site scripting vulnerability in EC-CUBE Email newsletters management plugin for EC-CUBE 3.0 series versions prior to version 1.0.4 allows a remote attacker to inject an arbitrary script by leading a user to a specially crafted page and to perform a specific operation...
CVE-2021-20744
Cross-site scripting vulnerability in EC-CUBE Category contents plugin for EC-CUBE 3.0 series versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...
Cross site scripting
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...
Microsoft SharePoint Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security conte...
CVE-2019-6035
Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page...
CVE-2019-5920
Cross-site request forgery CSRF vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...