Lucene search
K

53 matches found

Hacker One
Hacker One
added 2021/01/07 3:27 a.m.38 views

Internet Bug Bounty: Canonical Snapcraft vulnerable to remote code execution under certain conditions

Preface: I apologize for previously submitting this bug to hacker1 before it was fully addressed by the Ubuntu Security Team I have reported this issue to the Ubuntu Security team and it has been fixed: CVE-2020-27348 Bug link: https://bugs.launchpad.net/snapcraft/+bug/1901572 Ubuntu Security Tea...

4.4CVSS7.3AI score0.00673EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2019/06/27 5:15 p.m.21 views

CVE-2018-6142

Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...

6.5CVSS7AI score0.00833EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/01/16 12:0 a.m.270 views

CentOS Update for libgudev1-219-62.el7_ CESA-2019:0049 centos7

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.4AI score0.02958EPSS
Exploits3References2
UbuntuCve
UbuntuCve
added 2019/01/09 7:29 p.m.28 views

CVE-2018-6056

Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.3AI score0.08793EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/01/09 7:29 p.m.23 views

CVE-2018-6143

Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

6.5CVSS7AI score0.01597EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/11/14 3:29 p.m.31 views

CVE-2018-6065

Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.58822EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2018/11/14 3:29 p.m.25 views

CVE-2018-6061

A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

7.5CVSS7.2AI score0.01345EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/08/28 8:29 p.m.36 views

CVE-2017-15406

A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

8.8CVSS7.4AI score0.0088EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/08/28 8:29 p.m.40 views

CVE-2017-15429

Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...

6.1CVSS6.7AI score0.01142EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/08/28 8:29 p.m.39 views

CVE-2017-15396

A stack buffer overflow in NumberingSystem in International Components for Unicode ICU for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS7.2AI score0.02203EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/10/27 5:29 a.m.25 views

CVE-2017-5116

Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.5AI score0.12674EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/10/27 5:29 a.m.29 views

CVE-2017-5053

An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf...

9.6CVSS7.5AI score0.02557EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/10/27 5:29 a.m.23 views

CVE-2017-5071

Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

6.8CVSS7AI score0.02193EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/03/10 12:0 a.m.25 views

CVE-2017-5030

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page...

8.8CVSS7.3AI score0.41603EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2017/03/10 12:0 a.m.27 views

CVE-2017-5040

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page...

4.3CVSS6.8AI score0.22071EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/12/06 12:0 a.m.24 views

CVE-2016-5213

A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.01151EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/12/06 12:0 a.m.24 views

CVE-2016-9651

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS7.3AI score0.11182EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2016/12/06 12:0 a.m.23 views

CVE-2016-5219

A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS7AI score0.00976EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/11/11 12:0 a.m.23 views

CVE-2016-5200

V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.01561EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/07/23 12:0 a.m.28 views

CVE-2016-5129

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted JavaScript code...

8.8CVSS7.2AI score0.02094EPSS
Exploits0References3
Rows per page
Query Builder