|
257711
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a c…
|
NVD-CWE-noinfo
|
CVE-2017-5013
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257712
|
8.8 |
HIGH
Network
|
google
|
chrome
|
A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5012
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257713
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem conten…
|
CWE-200
Information Exposure
|
CVE-2017-5011
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257714
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5010
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257715
|
8.8 |
HIGH
Network
|
google
|
chrome
|
WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5009
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257716
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script metho…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5008
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257717
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker …
|
CWE-79
Cross-site Scripting
|
CVE-2017-5007
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257718
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5006
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257719
|
8.8 |
HIGH
Local
|
cisco
|
unified_computing_system_director
|
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile, a Privil…
|
CWE-863
Incorrect Authorization
|
CVE-2017-3801
|
2024-11-21 12:26 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257720
|
5.4 |
MEDIUM
Network
|
mcafee
|
epolicy_orchestrator
|
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing …
|
CWE-79
Cross-site Scripting
|
CVE-2017-3902
|
2024-11-21 12:26 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
