CVSS评分在区间 [7,9.9] 的搜索结果 (28734)

CVE-2018-5122(发布:2018-06-11 17:29:13)NM
CVSS7.5

[原文]A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox < 58.

CVE-2018-5092(发布:2018-06-11 17:29:12)NMS
CVSS7.5

[原文]A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox < 58.

CVE-2017-7835(发布:2018-06-11 17:29:11)NMP
CVSS7.5

[原文]Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.

CVE-2017-7821(发布:2018-06-11 17:29:10)NMP
CVSS7.5

[原文]A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox < 56.

CVE-2018-4234(发布:2018-06-08 14:29:02)NMP
CVSS9.3

[原文]An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

CVE-2018-4236(发布:2018-06-08 14:29:02)NMP
CVSS9.3

[原文]An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

首页上一页12345678下一页尾页 第2页 / 共4789页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站