Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
auditor vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-6340
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious JavaScript while creating a new report. Additionally, IWSVA implements i...
Trendmicro Interscan Web Security Virtual Appliance
1 EDB exploit
5
CVSSv2
CVE-2013-6656
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome prior to 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote malicious u...
Google Chrome 33.0.1750.113
Google Chrome 33.0.1750.112
Google Chrome 33.0.1750.104
Google Chrome 33.0.1750.93
Google Chrome 33.0.1750.83
Google Chrome 33.0.1750.82
Google Chrome 33.0.1750.73
Google Chrome 33.0.1750.71
Google Chrome 33.0.1750.64
Google Chrome 33.0.1750.63
Google Chrome 33.0.1750.56
Google Chrome 33.0.1750.55
Google Chrome 33.0.1750.47
Google Chrome 33.0.1750.46
Google Chrome 33.0.1750.39
Google Chrome 33.0.1750.38
Google Chrome 33.0.1750.29
Google Chrome 33.0.1750.28
Google Chrome 33.0.1750.27
Google Chrome 33.0.1750.20
Google Chrome 33.0.1750.19
Google Chrome 33.0.1750.11
6.4
CVSSv2
CVE-2013-6657
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome prior to 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote malicious users to bypass the Same Origin Policy and obtain...
Google Chrome 33.0.1750.111
Google Chrome 33.0.1750.110
Google Chrome 33.0.1750.109
Google Chrome 33.0.1750.91
Google Chrome 33.0.1750.90
Google Chrome 33.0.1750.80
Google Chrome 33.0.1750.79
Google Chrome 33.0.1750.69
Google Chrome 33.0.1750.68
Google Chrome 33.0.1750.61
Google Chrome 33.0.1750.60
Google Chrome 33.0.1750.113
Google Chrome 33.0.1750.112
Google Chrome 33.0.1750.93
Google Chrome 33.0.1750.92
Google Chrome 33.0.1750.82
Google Chrome 33.0.1750.81
Google Chrome 33.0.1750.73
Google Chrome 33.0.1750.71
Google Chrome 33.0.1750.70
Google Chrome 33.0.1750.63
Google Chrome 33.0.1750.62
5
CVSSv2
CVE-2013-6660
The drag-and-drop implementation in Google Chrome prior to 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote malicious users to discover full pathnames via a crafted web site.
Google Chrome 33.0.1750.111
Google Chrome 33.0.1750.110
Google Chrome 33.0.1750.92
Google Chrome 33.0.1750.91
Google Chrome 33.0.1750.80
Google Chrome 33.0.1750.79
Google Chrome 33.0.1750.70
Google Chrome 33.0.1750.69
Google Chrome 33.0.1750.62
Google Chrome 33.0.1750.61
Google Chrome 33.0.1750.53
Google Chrome 33.0.1750.52
Google Chrome 33.0.1750.45
Google Chrome 33.0.1750.44
Google Chrome 33.0.1750.37
Google Chrome 33.0.1750.36
Google Chrome 33.0.1750.26
Google Chrome 33.0.1750.113
Google Chrome 33.0.1750.112
Google Chrome 33.0.1750.104
Google Chrome 33.0.1750.93
Google Chrome 33.0.1750.82
7.5
CVSSv2
CVE-2013-6661
Multiple unspecified vulnerabilities in Google Chrome prior to 33.0.1750.117 allow malicious users to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors.
Google Chrome 33.0.1750.111
Google Chrome 33.0.1750.110
Google Chrome 33.0.1750.92
Google Chrome 33.0.1750.91
Google Chrome 33.0.1750.90
Google Chrome 33.0.1750.80
Google Chrome 33.0.1750.79
Google Chrome 33.0.1750.70
Google Chrome 33.0.1750.69
Google Chrome 33.0.1750.62
Google Chrome 33.0.1750.61
Google Chrome 33.0.1750.60
Google Chrome 33.0.1750.109
Google Chrome 33.0.1750.108
Google Chrome 33.0.1750.89
Google Chrome 33.0.1750.88
Google Chrome 33.0.1750.77
Google Chrome 33.0.1750.76
Google Chrome 33.0.1750.68
Google Chrome 33.0.1750.67
Google Chrome 33.0.1750.59
Google Chrome 33.0.1750.58
7.5
CVSSv2
CVE-2013-6667
Multiple unspecified vulnerabilities in Google Chrome prior to 33.0.1750.146 allow malicious users to cause a denial of service or possibly have other impact via unknown vectors.
Google Chrome 33.0.1750.125
Google Chrome 33.0.1750.126
Google Chrome 33.0.1750.1
Google Chrome 33.0.1750.10
Google Chrome 33.0.1750.111
Google Chrome 33.0.1750.135
Google Chrome 33.0.1750.136
Google Chrome 33.0.1750.107
Google Chrome 33.0.1750.108
Google Chrome 33.0.1750.116
Google Chrome 33.0.1750.117
Google Chrome 33.0.1750.19
Google Chrome 33.0.1750.2
Google Chrome 33.0.1750.26
Google Chrome 33.0.1750.27
Google Chrome 33.0.1750.36
Google Chrome 33.0.1750.37
Google Chrome 33.0.1750.43
Google Chrome 33.0.1750.44
Google Chrome 33.0.1750.50
Google Chrome 33.0.1750.51
Google Chrome 33.0.1750.52
7.5
CVSSv2
CVE-2013-6653
Use-after-free vulnerability in the web contents implementation in Google Chrome prior to 33.0.1750.117 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser.
Google Chrome 33.0.1750.109
Google Chrome 33.0.1750.108
Google Chrome 33.0.1750.90
Google Chrome 33.0.1750.89
Google Chrome 33.0.1750.79
Google Chrome 33.0.1750.77
Google Chrome 33.0.1750.76
Google Chrome 33.0.1750.68
Google Chrome 33.0.1750.67
Google Chrome 33.0.1750.60
Google Chrome 33.0.1750.59
Google Chrome 33.0.1750.51
Google Chrome 33.0.1750.50
Google Chrome 33.0.1750.43
Google Chrome 33.0.1750.42
Google Chrome 33.0.1750.35
Google Chrome 33.0.1750.34
Google Chrome 33.0.1750.24
Google Chrome 33.0.1750.23
Google Chrome 33.0.1750.15
Google Chrome 33.0.1750.14
Google Chrome 33.0.1750.7
7.5
CVSSv2
CVE-2014-1715
Directory traversal vulnerability in Google Chrome prior to 33.0.1750.152 on OS X and Linux and prior to 33.0.1750.154 on Windows has unspecified impact and attack vectors.
Google Chrome
4.3
CVSSv2
CVE-2017-5045
XSS Auditor in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote malicious user to brute force JavaScript variables via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2014-1705
Google V8, as used in Google Chrome prior to 33.0.1750.152 on OS X and Linux and prior to 33.0.1750.154 on Windows, allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Google Chrome
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Debian Debian Linux 8.0
Debian Debian Linux 7.0
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »