Lucene search
+L

133 matches found

susecve
susecve
added 2023/02/15 3:56 a.m.5 views

SUSE CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS5.8AI score0.00707EPSS
Exploits0References9
nvd
nvd
added 2021/05/06 1:15 p.m.28 views

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

8.8CVSS0.02497EPSS
Exploits1References4
osv
osv
added 2021/05/06 1:15 p.m.6 views

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

8.8CVSS6.1AI score0.02497EPSS
Exploits1References4
prion
prion
added 2021/05/06 1:15 p.m.18 views

Stack overflow

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

6.8CVSS8.9AI score0.02497EPSS
Exploits1References4Affected Software1
cve
cve
added 2021/05/06 11:1 a.m.46 views

CVE-2021-31616

CVE-2021-31616 affects ShapeShift KeepKey hardware wallet firmware prior to 7.1.0. The issue is a stack buffer overflow caused by insufficient length checks in the ethereum_extractThorchainSwapData() function within ethereum.c, which can be triggered by crafted messages and is reachable remotely ...

8.8CVSS8.9AI score0.02497EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2021/05/06 11:1 a.m.42 views

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

9.2AI score0.02497EPSS
Exploits1References4
bdu_fstec
bdu_fstec
added 2021/03/30 12:0 a.m.6 views

The vulnerability of the WebUSB component in Google Chrome, related to integer overflow of values, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WebUSB component in Google Chrome relates to a potential overflow of values. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...

6.8CVSS6.9AI score0.01272EPSS
Exploits1References12Affected Software6
bdu_fstec
bdu_fstec
added 2021/03/21 12:0 a.m.6 views

The vulnerability in the implementation of the WebUSB protocol of Google Chrome, related to the use of memory after it is freed, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the WebUSB protocol implementation in Google Chrome browser is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

7.3CVSS7.7AI score0.22868EPSS
Exploits0References10Affected Software5
nvd
nvd
added 2021/01/08 7:15 p.m.18 views

CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS5.3AI score0.00707EPSS
Exploits0References2
osv
osv
added 2021/01/08 7:15 p.m.7 views

CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS8.4AI score
Exploits0References2
osv
osv
added 2021/01/08 7:15 p.m.3 views

DEBIAN-CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS6.8AI score0.00707EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2021/01/08 7:15 p.m.26 views

CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS6.8AI score0.00707EPSS
Exploits0References1
osv
osv
added 2021/01/08 7:15 p.m.5 views

UBUNTU-CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS6.2AI score0.00707EPSS
Exploits0References2
cve
cve
added 2021/01/08 5:53 p.m.184 views

CVE-2020-16033

CVE-2020-16033 affects Chromium/Google Chrome WebUSB. The issue is an inappropriate WebUSB implementation that enables content spoofing of the security UI via a crafted HTML page, allowing a remote attacker to trick users. Affected: Chromium/Chrome prior to 87.0.4280.66 (WebUSB component). Impact...

4.3CVSS5AI score0.00707EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2021/01/08 5:53 p.m.26 views

CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

5.2AI score0.00707EPSS
Exploits0References2
debiancve
debiancve
added 2021/01/08 5:53 p.m.27 views

CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...

4.3CVSS6AI score0.00707EPSS
Exploits0
veracode
veracode
added 2020/12/21 7:57 p.m.26 views

Integer Overflow In WebUSB

chromium, sid is vulnerable to integer overflow in WebUSB in Google Chrome. It allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

6.3CVSS3.1AI score0.01272EPSS
Exploits1References10Affected Software1
veracode
veracode
added 2020/12/21 7:50 p.m.24 views

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. The vulnerability exists through use after free in WebUSB that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS4.4AI score0.22868EPSS
Exploits0References8Affected Software1
veracode
veracode
added 2020/12/21 6:51 p.m.25 views

Incorrect Security UI

chromium, sid has an incorrect security ui due to a flaw found in the WebUSB component of the Chromium browser...

4.3CVSS2AI score0.00707EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2020/11/30 12:0 a.m.43 views

openSUSE Security Update : chromium (openSUSE-2020-2021)

This update for chromium fixes the following issues : - Update to 87.0.4280.66 boo1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. -...

9.6CVSS7.4AI score0.03011EPSS
Exploits3References24
Rows per page
Query Builder