CVE-2018-6039

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.

Publication date: Tue, 25 Sep 2018 19:29:00 +0000

Cyber News related to CVE-2018-6039

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
54 years ago Tenable.com

CVE-2018-6039 - Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. ...
5 years ago

CVE-2018-14276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
4 years ago

CVE-2012-6039 - SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter. ...
11 years ago

CVE-2013-6039 - Multiple cross-site scripting (XSS) vulnerabilities in NagiosQL 3.2 SP2 allow remote attackers to inject arbitrary web script or HTML via the txtSearch parameter to (1) admin/hostdependencies.php, (2) admin/hosts.php, or other unspecified pages that ...
10 years ago

CVE-2016-6039 - IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
7 years ago

CVE-2006-6039 - SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the edit parameter. ...
6 years ago

CVE-2008-6039 - Session fixation vulnerability in BLUEPAGE CMS 2.5 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. ...
5 years ago

CVE-2015-6039 - Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka ...
5 years ago

CVE-2007-6039 - PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the ...
5 years ago

CVE-2017-6039 - A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device. ...
4 years ago

CVE-2014-6039 - ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed version 10 Build 10000. ...
4 years ago

CVE-2024-6039 - A vulnerability, which was classified as critical, was found in Feng Office 3.11.1.2. Affected is an unknown function of the component Workspaces. The manipulation of the argument dim leads to sql injection. It is possible to launch the attack ...
1 week ago

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
4 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
4 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
4 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

Latest Cyber News

CVE-2024-38525 - 1 hour ago
CVE-2024-5642 - 1 hour ago
CVE-2023-46858 - 1 hour ago
Chicago children's hospital says nearly 800,000 affected by January ransomware attack - 2 hours ago
Betting on Your Digital Rights: EFF Benefit Poker Tournament at DEF CON 32 - 2 hours ago
CVE-2024-37371 - 3 hours ago
CVE-2024-35260 - 3 hours ago
A cyberattack shutdown the University Hospital Centre Zagreb in Croatia - 3 hours ago
June 2024 Web Server Survey - 4 hours ago
CVE-2024-39828 - 4 hours ago
CVE-2024-38533 - 4 hours ago
CVE-2024-38532 - 4 hours ago
CVE-2024-37370 - 4 hours ago
Friday Squid Blogging: New Squid Species - 5 hours ago
Unfurling Hemlock Tossing 'Cluster Bombs' of Malware - 5 hours ago
Landmark Admin, LLC Provides Notice of Data Privacy Incident - 5 hours ago
The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester - 5 hours ago
Network Segmentation Saved TeamViewer From APT29 Attack - 5 hours ago
CVE-2024-39307 - 5 hours ago
CVE-2024-39302 - 5 hours ago

Cyber Trends (last 7 days)

Okta - 6 months ago
23andMe - 6 months ago
Kimsuky - 6 months ago
LogoFAIL - 6 months ago
Gh0st rat - 6 months ago

Trending Cyber News (last 7 days)

SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
CVE-2024-39828 - 4 hours ago
CVE-2024-38533 - 4 hours ago
CVE-2024-38532 - 4 hours ago
CVE-2024-38525 - 1 hour ago
CVE-2024-37370 - 4 hours ago
CVE-2024-37371 - 3 hours ago
Chicago children's hospital says nearly 800,000 affected by January ransomware attack - 2 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
SandboxAQ Joins the FIDO Alliance to Further Drive the Use of Secure Protocols instead of Passwords - 10 hours ago
Betting on Your Digital Rights: EFF Benefit Poker Tournament at DEF CON 32 - 2 hours ago
CVE-2024-38371 - 8 hours ago
CVE-2024-31912 - 8 hours ago
CVE-2024-35155 - 8 hours ago
CVE-2024-31919 - 8 hours ago