Page 291 of 3035 results (0.185 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.103, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the JavaScript RegExp.replace method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. • https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop.html https://crbug.com/944971 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. Adobe Flash Player versión 32.0.0.192 y versiones anteriores, presentan una vulnerabilidad de Omisión de la Política del Mismo Origen. Su explotación con éxito podría conllevar a una divulgación de información en el contexto del usuario actual. • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html https://crbug.com/945997 https://helpx.adobe.com/security/products/flash-player/apsb19-30.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW https://www.debian.org/security/2021/dsa-4824 https://access.redhat.com/security/cve/CVE •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 76.0.3809.132, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop_26.html https://crbug.com/978793 https://access.redhat.com/security/cve/CVE-2019-5869 https://bugzilla.redhat.com/show_bug.cgi?id=1748221 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 63%CPEs: 1EXPL: 4

Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una escritura fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://www.exploit-db.com/exploits/48183 https://github.com/timwr/CVE-2019-5825 http://packetstormsecurity.com/files/156641/Google-Chrome-72-73-Array.map-Corruption.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941743 https://access.redhat.com/security/cve/CVE-2019-5825 https://bugzilla.redhat.com/show_bug.cgi?id=1707247 https://bugs.chromium.org/p/chromium/issues/detail?id=941743 https://github.com/exodusintel/Chro • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en IndexedDB en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, que había comprometido el proceso del renderizador, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941746 https://access.redhat.com/security/cve/CVE-2019-5826 https://bugzilla.redhat.com/show_bug.cgi?id=1707248 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •