Lucene search
+L

112 matches found

CNVD
CNVD
added 2021/09/26 12:0 a.m.52 views

Google Chrome Post-release Reuse Vulnerability (CNVD-2021-99288)

Chrome is a simple and efficient web browsing tool developed by Google. portals in versions prior to Google Chrome 94.0.4606.61 are vulnerable to post-release reuse. An attacker could exploit this vulnerability to be able to perform a sandbox escape via a crafted HTML page...

6.8CVSS2.9AI score0.11735EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2021/09/22 12:0 a.m.28 views

Google Chrome UI security bypass vulnerability

Chrome is a simple and efficient web browsing tool developed by Google, which is characterized by simplicity and speed. Google Chrome suffers from a security vulnerability. An attacker could exploit this vulnerability to bypass security restrictions...

4.3CVSS4.2AI score0.01174EPSS
Exploits1References1
CNVD
CNVD
added 2021/09/14 12:0 a.m.44 views

Google Chrome memory out-of-bounds access vulnerability

Chrome is a simple and efficient web browsing tool developed by Google. ANGLE in versions prior to Google Chrome 93.0.4577.82 suffers from a memory out-of-bounds access vulnerability. An attacker could exploit this vulnerability to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS4.4AI score0.0098EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/14 12:0 a.m.42 views

Google Chrome Post-release Reuse Vulnerability (CNVD-2021-92832)

Chrome is a simple and efficient web browsing tool developed by Google. a post-release reuse vulnerability exists in Permissions in versions of Google Chrome prior to 93.0.4577.82. An attacker could exploit this vulnerability to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS3.3AI score0.00852EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/18 12:0 a.m.25 views

Google Chrome Competition Condition Vulnerability (CNVD-2021-68452)

Chrome is a web browsing tool developed by Google. a competing condition vulnerability exists in WebAudio in versions prior to Google Chrome 92.0.4515.159. An attacker could exploit this vulnerability to potentially cause heap corruption via a crafted HTML page...

7.5CVSS3.6AI score0.03874EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/03 12:0 a.m.25 views

Google Chrome Post-release Reuse Vulnerability (CNVD-2021-62188)

Chrome is a web browsing tool developed by Google, and a post-release reuse vulnerability exists in the File System API in versions prior to Google Chrome 92.0.4515.131. An attacker could use this vulnerability to execute arbitrary code or cause a denial of service condition on the system...

8.8CVSS5.9AI score0.02524EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/03 12:0 a.m.27 views

Google Chrome Post-release Reuse Vulnerability (CNVD-2021-62185)

Chrome is a web browsing tool developed by Google, and a post-release reuse vulnerability exists in the Page Info UI in versions prior to Google Chrome 92.0.4515.131. A remote attacker could use this vulnerability to execute arbitrary code or cause a denial of service condition on the system...

6.8CVSS6.5AI score0.01254EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/03 12:0 a.m.28 views

Google Chrome out-of-bounds read vulnerability (CNVD-2021-62186)

Chrome is a web browsing tool developed by Google. An out-of-bounds read vulnerability exists in the Tab Strip in versions of Google Chrome prior to 92.0.4515.131. A remote attacker could exploit this vulnerability to obtain sensitive information...

8.1CVSS4.3AI score0.01948EPSS
Exploits1References1
CNVD
CNVD
added 2021/08/03 12:0 a.m.40 views

Google Chrome Post-release Reuse Vulnerability (CNVD-2021-62183)

Chrome is a web browsing tool developed by Google, and a post-release reuse vulnerability exists in the "Browser UI" in versions of Google Chrome prior to 92.0.4515.131. An attacker could use this vulnerability to execute arbitrary code or cause a denial of service condition on the system...

6.8CVSS5.9AI score0.01254EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/21 12:0 a.m.37 views

Google Chrome Heap Buffer Overflow Vulnerability (CNVD-2021-62166)

Chrome is a web browsing tool developed by Google, and a heap buffer overflow vulnerability exists in WebGL in versions prior to Google Chrome 92.0.4515.107. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash...

8.8CVSS5.1AI score0.01512EPSS
Exploits0References1
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2021/06/29 12:44 p.m.49 views

What is DNS Hijacking❓ Basic methods of protection

DNS hijacking is a common cyberattack technique known as domain name server reconfiguration. The attacker’s goal is to redirect the user to a bogus website created by them. Domain Name Server Hijacking. Also referred to as DNS redirection, the process is utilized by hackers to alter the resolutio...

0.5AI score
Exploits0
CNVD
CNVD
added 2021/06/11 12:0 a.m.11 views

Google Chrome post-release reuse vulnerability (CNVD-2021-43401)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A post-release reuse vulnerability exists in "Web Services" in Google Chrome versions prior to 91.0.4472.101. No details of the vulnerability are available at this...

8.8CVSS6.1AI score0.01173EPSS
Exploits0References1
Kitploit
Kitploit
added 2021/01/30 8:30 p.m.140 views

PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward

DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...

7.1AI score
Exploits0References1
Schneier on Security
Schneier on Security
added 2020/08/25 11:28 a.m.15 views

Identifying People by Their Browsing Histories

Interesting paper: "Replication: Why We Still Can't Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories": We examine the threat to individuals' privacy based on the feasibility of reidentifying users through distinctive profiles of their browsing history visible to...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/13 8:52 a.m.66 views

Android Cookie-Stealing Malware Found Hijacking Facebook Accounts

A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices. Dubbed "Cookiethief" by Kaspersky researchers, the Trojan works by...

0.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/01/08 12:0 a.m.87 views

JVN#97325754: F-RevoCRM vulnerable to cross-site scripting

F-RevoCRM provided by ThinkingReed inc. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the Patch Apply the patch according to the information provided by the developer. Apply Workaround Applying the...

6.1CVSS6.2AI score0.00781EPSS
Exploits0
ThreatPost
ThreatPost
added 2019/08/12 5:22 p.m.82 views

Tips for Successful Zero-Trust Implementation

The zero-trust concept is often and pithily summarized as “trust no one, verify everything.” No enterprise can stave off the myriad of cyberthreats as long as they assume that any individual element can be trusted as secure. No traffic, whether internal or external, can automatically be deemed...

6.9AI score
Exploits0References1
rdot
rdot
added 2019/07/25 12:0 a.m.25 views

What is BAT and why you should install Brave Browser?

BAT is an Ethereum token that powers Brave Software's blockchain-based digital advertising platform. Internet users who browse the web using Brave's free web browser available at can choose to replace the ads they see with ads on Brave's ad network. Users then receive BAT from advertisers as...

1.2AI score
Exploits0
Symantec
Symantec
added 2019/06/11 12:0 a.m.126 views

Microsoft Windows GDI Component CVE-2019-1011 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems...

6AI score0.04314EPSS
Exploits0Affected Software2
Symantec
Symantec
added 2019/06/11 12:0 a.m.63 views

Microsoft Edge Chakra Scripting Engine CVE-2019-1003 Remote Memory Corruption Vulnerability

Description Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft ChakraCore Microsoft...

0.6AI score0.02403EPSS
Exploits0
Rows per page
Query Builder