Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
michal bentkowski vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2020-4054
In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or sv...
Sanitize Project Sanitize
10
CVSSv3
CVE-2019-7609
Kibana versions prior to 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing ...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
15 Github repositories
8.8
CVSSv3
CVE-2017-7000
An issue exists in certain Apple products. iOS prior to 10.3.2 is affected. macOS prior to 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and appl...
Apple Mac Os X
Apple Iphone Os
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Chromium Chromium
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Desktop 6.0
6.5
CVSSv3
CVE-2017-5101
Inappropriate implementation in Omnibox in Google Chrome before 60.0.3112.78 for Linux, Windows, and Mac allowed a remote malicious user to spoof the contents of the Omnibox via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2017-5105
Insufficient Policy Enforcement in Omnibox in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to perform domain spoofing via IDN homographs in a crafted domain name.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5091
A use after free in IndexedDB in Google Chrome before 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5092
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome before 60.0.3112.78 for Windows allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-5093
Inappropriate implementation in modal dialog handling in Blink in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to prevent a full screen warning from being displayed via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2017-5094
Type confusion in extensions JavaScript bindings in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to potentially maliciously modify objects via a crafted HTML page.
Debian Debian Linux 9.0
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5098
A use after free in V8 in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started