Lucene search
K

8181 matches found

OSV
OSV
added 2020/11/03 3:15 a.m.10 views

CVE-2020-16004

Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.2AI score
Exploits0References8
OSV
OSV
added 2020/11/03 3:15 a.m.2 views

DEBIAN-CVE-2020-15983

Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...

7.8CVSS7.7AI score0.00286EPSS
Exploits0References1
OSV
OSV
added 2020/11/03 3:15 a.m.4 views

UBUNTU-CVE-2020-16004

Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.01502EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2020/11/02 12:0 a.m.315 views

KLA11990 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in V8 can be exploited to potentiall...

9.6CVSS9.7AI score0.48574EPSS
Exploits3References4
CNVD
CNVD
added 2020/11/02 12:0 a.m.2 views

Google Chrome post-release reuse vulnerability (CNVD-2020-60475)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in the user interface in versions prior to Google Chrome 86.0.4240.183. A remote attacker can then exploit the vulnerabili...

8.8CVSS8.7AI score0.01502EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/11/02 12:0 a.m.2 views

PT-2020-4553 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: Google Chrome for Android versions prior to 86.0.4240.185 Description: The issue is related to a heap buffer overflow in the UI component of Google Chrome on Android. This could allow a remote attacker who has compromised the renderer process...

9.3CVSS9.6AI score0.06414EPSS
Exploits0References11
FreeBSD
FreeBSD
added 2020/11/02 12:0 a.m.35 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 10 security fixes, including: 1138911 High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15 1139398 High CVE-2020-16005: Insufficient policy enforcement in...

9.6CVSS0.7AI score0.48574EPSS
Exploits3References1
OSV
OSV
added 2020/10/29 3:35 p.m.3 views

SUSE-SU-2020:3091-1 Security update for MozillaThunderbird and mozilla-nspr

This update for MozillaThunderbird and mozilla-nspr fixes the following issues: - Mozilla Thunderbird 78.4 new: MailExtensions: browser.tabs.sendMessage API added new: MailExtensions: messageDisplayScripts API added changed: Yahoo and AOL mail users using password authentication will be migrated ...

9.8CVSS8.3AI score0.0262EPSS
Exploits0References12
CNVD
CNVD
added 2020/10/28 12:0 a.m.2 views

IBM Spectrum Scale Cross-Site Scripting Vulnerability (CNVD-2020-59701)

IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...

6.1CVSS6.9AI score0.00721EPSS
Exploits0References1
OSV
OSV
added 2020/10/27 8:15 p.m.3 views

CVE-2018-4390

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofi...

5.5CVSS8.2AI score0.00855EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/27 7:18 p.m.19 views

CVE-2018-4390

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofi...

5AI score0.00855EPSS
Exploits0References3
Kitploit
Kitploit
added 2020/10/26 11:30 a.m.176 views

Decoder++ - An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats

An extensible application for penetration testers and software developers to decode/encode data into various formats. Setup Decoder++ can be either installed by using pip or by pulling the source from this repository: Install using pip pip3 install decoder-plus-plus Overview This section provides...

7.2AI score
Exploits0References2
CNVD
CNVD
added 2020/10/22 12:0 a.m.1 views

IBM Spectrum Scale Cross-Site Scripting Vulnerability (CNVD-2020-58213)

IBM Spectrum Scale is a scalable data and file management solution from IBM USA based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management. The product supports helping clients reduce storage costs while improving security and management efficiency in...

5.4CVSS6.2AI score0.00554EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/22 12:0 a.m.2 views

Yandex Browser Information Disclosure Vulnerability

Yandex Browser is a desktop version of the web browser from the Russian company Yandex. Yandex Browser suffers from an information disclosure vulnerability that originates from a critical information vulnerability that is incorrectly displayed in the user interface UI on the address bar, which ca...

4.3CVSS6.3AI score0.00982EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2020/10/22 12:0 a.m.3 views

The vulnerability of the win32k component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the win32k component of the Windows operating system exists due to errors in memory object handling. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.00984EPSS
Exploits0References3
Prion
Prion
added 2020/10/21 7:15 p.m.19 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

4.3CVSS5.9AI score0.00765EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/21 7:15 p.m.20 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

4.3CVSS5.9AI score0.00765EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/10/21 6:40 p.m.14 views

CVE-2020-3581 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS6.2AI score0.01145EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/21 6:35 p.m.19 views

CVE-2020-3553 Cisco Firepower Management Center Software Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation o...

4.8CVSS6AI score0.00765EPSS
Exploits0References1
Cisco
Cisco
added 2020/10/21 4:0 p.m.80 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities

Update June 28, 2021: Cisco has become aware that public exploit code exists for CVE-2020-3580, and this vulnerability is being actively exploited. Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD...

6.1CVSS6.6AI score0.85439EPSS
Exploits2References1
Rows per page
Query Builder