Page 291 of 2560 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0

CVE-2019-8075 – flash-plugin: Same origin policy bypass leading to information disclosure

https://notcve.org/view.php?id=CVE-2019-8075

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. Adobe Flash Player versión 32.0.0.192 y versiones anteriores, presentan una vulnerabilidad de Omisión de la Política del Mismo Origen. Su explotación con éxito podría conllevar a una divulgación de información en el contexto del usuario actual. • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html https://crbug.com/945997 https://helpx.adobe.com/security/products/flash-player/apsb19-30.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW https://www.debian.org/security/2021/dsa-4824 https://access.redhat.com/security/cve/CVE •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5869 – chromium-browser: Use-after-free in Blink

https://notcve.org/view.php?id=CVE-2019-5869

Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 76.0.3809.132, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop_26.html https://crbug.com/978793 https://access.redhat.com/security/cve/CVE-2019-5869 https://bugzilla.redhat.com/show_bug.cgi?id=1748221 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5826 – chromium-browser: Use-after-free in IndexedDB

https://notcve.org/view.php?id=CVE-2019-5826

Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en IndexedDB en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, que había comprometido el proceso del renderizador, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941746 https://access.redhat.com/security/cve/CVE-2019-5826 https://bugzilla.redhat.com/show_bug.cgi?id=1707248 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 66%CPEs: 1EXPL: 5

CVE-2019-5825 – Google Chromium V8 Out-of-Bounds Write Vulnerability

https://notcve.org/view.php?id=CVE-2019-5825

Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una escritura fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://www.exploit-db.com/exploits/48183 https://github.com/timwr/CVE-2019-5825 http://packetstormsecurity.com/files/156641/Google-Chrome-72-73-Array.map-Corruption.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941743 https://access.redhat.com/security/cve/CVE-2019-5825 https://bugzilla.redhat.com/show_bug.cgi?id=1707247 https://bugs.chromium.org/p/chromium/issues/detail?id=941743 https://github.com/exodusintel/Chro • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5856 – chromium-browser: Insufficient checks on filesystem: URI permissions

https://notcve.org/view.php?id=CVE-2019-5856

Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una aplicación de política insuficiente en storage en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto, que había comprometido el proceso del renderizador, omitir el aislamiento del sitio por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/964245 https://access.redhat.com/security/cve/CVE-2019-5856 https://bugzilla.redhat.com/show_bug.cgi?id=1737727 • CWE-20: Improper Input Validation •