Lucene search
K

26 matches found

CNNVD
CNNVD
added 2026/04/15 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Video component allowing for post-release reuse of objects, which could enable a remote attacker to execute arbitrary...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References2
CNVD
CNVD
added 2026/03/26 12:0 a.m.3 views

Google Chrome Out-of-Bounds Read Vulnerability (CNVD-2026-15402)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause an out-of-bounds memory read to be performed via a specially crafted HTML page...

8.8CVSS7.3AI score0.00447EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:8 p.m.6 views

CVE-2021-20751

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.5AI score0.01088EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.7 views

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created web page...

5.5CVSS6AI score0.00395EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.10 views

The vulnerability of Google Chrome browser-based PDF processing components allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome browser-based PDF processors relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through a specially crafted HTML page...

10CVSS7.6AI score0.00918EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/06/09 12:0 a.m.6 views

The vulnerability of the Performance Manager component in the Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of the Performance Manager component in Google Chrome browser relates to the use of memory after it is released. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created web page...

8.8CVSS7.3AI score0.0069EPSS
Exploits0References11Affected Software6
Github Security Blog
Github Security Blog
added 2022/05/24 7:6 p.m.14 views

EC-CUBE Cross-site scripting vulnerability

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.6AI score0.01088EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/24 7:6 p.m.20 views

GHSA-R6QQ-QC9M-98W2 EC-CUBE Cross-site scripting vulnerability

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.1AI score0.01088EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 7:6 p.m.19 views

EC-CUBE Cross-site scripting vulnerability

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 3.0.18-p2 EC-CUBE 3 series and EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.6AI score0.01557EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/10 12:0 a.m.8 views

The vulnerability of the WebView component for displaying web pages in Google Chrome allows attackers to circumvent existing security restrictions.

The vulnerability of the WebView component of Google Chrome’s browser involves errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...

6.5CVSS6.9AI score0.01015EPSS
Exploits0References9Affected Software6
Prion
Prion
added 2021/12/01 3:15 a.m.12 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in ELECOM LAN routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and...

6.8CVSS8.5AI score0.00536EPSS
Exploits0References2Affected Software14
NVD
NVD
added 2021/07/30 2:15 p.m.18 views

CVE-2021-20783

Cross-site request forgery CSRF vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page...

8.8CVSS0.00551EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/28 12:45 a.m.22 views

CVE-2021-20783

Cross-site request forgery CSRF vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page...

9AI score0.00551EPSS
Exploits0References1
OSV
OSV
added 2021/06/28 1:15 a.m.22 views

CVE-2021-20751

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2021/06/22 2:15 a.m.15 views

Cross site scripting

Cross-site scripting vulnerability in EC-CUBE Email newsletters management plugin for EC-CUBE 3.0 series versions prior to version 1.0.4 allows a remote attacker to inject an arbitrary script by leading a user to a specially crafted page and to perform a specific operation...

4.3CVSS6AI score0.00754EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/22 1:35 a.m.17 views

CVE-2021-20744

Cross-site scripting vulnerability in EC-CUBE Category contents plugin for EC-CUBE 3.0 series versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.3AI score0.00754EPSS
Exploits0References2
Prion
Prion
added 2020/09/18 6:15 a.m.15 views

Cross site scripting

Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page...

4.3CVSS6AI score0.00781EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2020/09/08 7:0 a.m.35 views

Microsoft SharePoint Server Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security conte...

8.8CVSS2.1AI score0.03703EPSS
Exploits0
Cvelist
Cvelist
added 2019/12/26 3:16 p.m.20 views

CVE-2019-6035

Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page...

6.2AI score0.01119EPSS
Exploits0References3
OSV
OSV
added 2019/03/12 10:29 p.m.3 views

CVE-2019-5920

Cross-site request forgery CSRF vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

8.8CVSS7.4AI score0.00833EPSS
Exploits0References3
Rows per page
Query Builder