|
252651
|
4.8 |
MEDIUM
Network
|
netapp
|
snapcenter_server
|
NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15515
|
2024-11-21 12:14 |
2019-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252652
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute ar…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-15428
|
2024-11-21 12:14 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252653
|
7.0 |
HIGH
Local
|
google
|
chrome
|
Inappropriate symlink handling and a race condition in the stateful recovery feature implementation could lead to a persistance established by a malicious code running with root privileges in cryptoh…
|
CWE-362
Race Condition
|
CVE-2017-15405
|
2024-11-21 12:14 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252654
|
7.8 |
HIGH
Local
|
google
|
chrome
|
An ability to process crash dumps under root privileges and inappropriate symlinks handling could lead to a local privilege escalation in Crash Reporting in Google Chrome on Chrome OS prior to 61.0.3…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2017-15404
|
2024-11-21 12:14 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252655
|
7.3 |
HIGH
Local
|
google
|
chrome
|
Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute…
|
CWE-77
Command Injection
|
CVE-2017-15403
|
2024-11-21 12:14 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252656
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prio…
|
CWE-20
Improper Input Validation
|
CVE-2017-15402
|
2024-11-21 12:14 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252657
|
8.8 |
HIGH
Network
|
google
|
chrome
|
A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in WebAssembly in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to execute arbitrary code …
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2017-15401
|
2024-11-21 12:14 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252658
|
6.5 |
MEDIUM
Network
|
inedo
|
proget
|
Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings.
|
CWE-352
Origin Validation Error
|
CVE-2017-15608
|
2024-11-21 12:14 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252659
|
6.1 |
MEDIUM
Network
|
google
debian
redhat
|
chrome
debian_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
|
Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
|
CWE-79
Cross-site Scripting
|
CVE-2017-15429
|
2024-11-21 12:14 |
2018-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252660
|
8.8 |
HIGH
Network
|
google
|
chrome
|
A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15406
|
2024-11-21 12:14 |
2018-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
