Lucene search
K

3141 matches found

RedHat Linux
RedHat Linux
added 2020/10/13 8:22 a.m.2 views

chromium-browser: Insufficient data validation in webUI

Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...

7.8CVSS7.4AI score0.00286EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/10/07 9:35 a.m.39 views

CVE-2020-15983

Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page...

7.8CVSS2.1AI score0.00286EPSS
Exploits0References4
NVD
NVD
added 2020/08/26 11:15 p.m.22 views

CVE-2019-5321

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...

9.3CVSS8.7AI score0.02418EPSS
Exploits0References1
Prion
Prion
added 2020/08/26 11:15 p.m.21 views

Design/Logic Flaw

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...

9.3CVSS8.6AI score0.02418EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2020/08/26 10:31 p.m.30 views

CVE-2019-5321

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI...

8.8AI score0.02418EPSS
Exploits0References1
CVE
CVE
added 2020/08/26 10:31 p.m.70 views

CVE-2019-5321

CVE-2019-5321 affects Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware versions: 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, and 16.10.* before 16.10.0003. The issue is a vulnerability in the Web Management Interface that allows Remote ...

9.3CVSS8.6AI score0.02418EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/07/22 5:15 p.m.12 views

CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...

6.1CVSS6.5AI score0.01359EPSS
Exploits0References11
OSV
OSV
added 2020/07/22 5:15 p.m.2 views

DEBIAN-CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...

6.1CVSS6.9AI score0.01359EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/07/22 5:15 p.m.21 views

CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...

6.1CVSS6.9AI score0.01359EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/22 4:16 p.m.23 views

CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...

6.5AI score0.01359EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2020/07/22 4:16 p.m.26 views

CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page...

6.1CVSS7AI score0.01359EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.35 views

openSUSE Security Update : chromium (openSUSE-2020-1020)

This update for chromium fixes the following issues : - Update to 84.0.4147.89 boo1174189 : - Critical CVE-2020-6510: Heap buffer overflow in background fetch. - High CVE-2020-6511: Side-channel information leakage in content security policy. - High CVE-2020-6512: Type Confusion in V8. - High...

9.6CVSS7.9AI score0.1132EPSS
Exploits13References27
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/20 12:0 a.m.80 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1020-1 Rating: important References: 1174189 Cross-References: CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519...

9.6CVSS6.9AI score0.1132EPSS
Exploits13References1
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/20 12:0 a.m.71 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1021-1 Rating: important References: 1174189 Cross-References: CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519...

9.6CVSS6.9AI score0.1132EPSS
Exploits13References1
NVD
NVD
added 2020/07/17 9:15 p.m.20 views

CVE-2020-4104

HCL BigFix WebUI is vulnerable to stored cross-site scripting XSS within the Apps-Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in...

5.4CVSS0.00521EPSS
Exploits0References1
Prion
Prion
added 2020/07/17 9:15 p.m.19 views

Cross site scripting

HCL BigFix WebUI is vulnerable to stored cross-site scripting XSS within the Apps-Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in...

3.5CVSS5AI score0.00521EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/17 8:46 p.m.24 views

CVE-2020-4104

HCL BigFix WebUI is vulnerable to stored cross-site scripting XSS within the Apps-Software module. An attacker can use XSS to send a malicious script to an unsuspecting user. This affects all versions prior to latest releases as specified in...

5.1AI score0.00521EPSS
Exploits0References1
CVE
CVE
added 2020/07/17 8:46 p.m.47 views

CVE-2020-4104

CVE-2020-4104 affects HCL BigFix WebUI (Apps->Software module). The vulnerability is a stored XSS flaw caused by lack of proper validation of client data in the web application, allowing an attacker to deliver malicious scripts to authenticated users and execute client-side code. Impact is des...

5.4CVSS5AI score0.00521EPSS
Exploits0References1Affected Software1
0day.today
0day.today
added 2020/07/08 12:0 a.m.195 views

ClearPass Policy Manager Unauthenticated Remote Command Execution Exploit

!/usr/bin/env bash ClearPass Policy Manager Unauthenticated Remote Command Execution in the WebUI CVE-2020-7115 For best results use OpenSSL/libcrypto shipped with RHEL/CentOS 7.x. Questions? Contact email protected. if "$" -ne 4 ; then echo "Usage: basename $0 remote host remote port local host...

10CVSS9.2AI score0.64596EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/07/08 12:0 a.m.238 views

ClearPass Policy Manager Unauthenticated Remote Command Execution

!/usr/bin/env bash ClearPass Policy Manager Unauthenticated Remote Command Execution in the WebUI CVE-2020-7115 For best results use OpenSSL/libcrypto shipped with RHEL/CentOS 7.x. Questions? Contact [email protected]. if "$" -ne 4 ; then echo "Usage: basename $0 remote host remote port...

10CVSS0.7AI score0.64596EPSS
Exploits8
Rows per page
Query Builder