Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libxslt vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-27783
A XSS vulnerability exists in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
Lxml Lxml
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Snapcenter -
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Zfs Storage Appliance Kit 8.8
1 Github repository
4.3
CVSSv3
CVE-2017-5040
V8 in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote malicious user to read values in memory via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
4.3
CVSSv3
CVE-2017-5041
Google Chrome before 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote malicious user to display incorrect information for a site via a crafted HTML page.
Google Chrome
6.3
CVSSv3
CVE-2017-5044
Heap buffer overflow in filter processing in Skia in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.1
CVSSv3
CVE-2017-5045
XSS Auditor in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote malicious user to brute force JavaScript variables via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv3
CVE-2017-5046
V8 in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote malicious user to spoof the location object via a crafted HTML page, related to Blink information disclosure.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-5030
Incorrect handling of complex species in V8 in Google Chrome before 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote malicious user to execute arbitrary code via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5031
A use after free in ANGLE in Google Chrome before 57.0.2987.98 for Windows allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
8.1
CVSSv3
CVE-2017-5035
Google Chrome before 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
7.8
CVSSv3
CVE-2017-5037
An integer overflow in FFmpeg in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote malicious user to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »