CVE-2022-1309

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

Publication date: Mon, 25 Jul 2022 19:15:00 +0000

Cyber News related to CVE-2022-1309

CVE-2021-41931 - The Company's Recruitment Management System in id2 of the parameter from view_vacancy app on-page appears to be vulnerable to SQL injection. The payloads 19424269' or '1309''1309 and 39476597' or '2917''2923 were ...
2 years ago

CVE-2022-1309 - Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. ...
1 year ago

CVE-2019-1399 - A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique ...
4 years ago

CVE-2019-0712 - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This ...
4 years ago

CVE-2019-1309 - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This ...
4 years ago

CVE-2019-1310 - A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This ...
4 years ago

CVE-2013-1309 - Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," ...
5 years ago

CVE-2013-2551 - Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, as demonstrated by VUPEN during a Pwn2Own competition at ...
5 years ago

CVE-2013-1308 - Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," ...
5 years ago

CVE-2020-1222 - An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation ...
2 years ago

CVE-2020-1309 - An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation ...
2 years ago

CVE-2005-1309 - Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text. ...
15 years ago

CVE-2010-1309 - Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php. ...
14 years ago

CVE-2007-1309 - Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt. ...
13 years ago

CVE-2011-1309 - The Plug-in component in IBM WebSphere Application Server (WAS) before 7.0.0.15 does not properly handle trace requests, which has unspecified impact and attack vectors. ...
13 years ago

CVE-2002-1309 - Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name. ...
7 years ago

CVE-2016-1309 - Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meetings Server 2.5.1.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy01843. ...
7 years ago

CVE-2014-1309 - WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other ...
7 years ago

CVE-2004-1309 - Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field. ...
6 years ago

CVE-2003-1309 - The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). ...
6 years ago

CVE-1999-1309 - Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option. ...
7 months ago

CVE-2001-1309 - Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. ...
6 years ago

CVE-2018-1309 - Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the ...
6 years ago

CVE-2009-1309 - Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ ...
5 years ago

CVE-2008-1309 - The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the ...
5 years ago

Latest Cyber News

CVE-2024-40605 - 10 hours ago
CVE-2024-40604 - 10 hours ago
CVE-2024-40603 - 10 hours ago
CVE-2024-40602 - 10 hours ago
CVE-2024-40601 - 10 hours ago
CVE-2024-40600 - 10 hours ago
CVE-2024-40599 - 10 hours ago
CVE-2024-40598 - 10 hours ago
CVE-2024-40596 - 10 hours ago
CVE-2024-40597 - 10 hours ago
CVE-2024-6095 - 16 hours ago
CVE-2024-37554 - 17 hours ago
CVE-2024-37553 - 18 hours ago
CVE-2024-37547 - 19 hours ago
CVE-2024-37546 - 19 hours ago
CVE-2024-37542 - 21 hours ago
CVE-2024-37541 - 21 hours ago
CVE-2024-37539 - 21 hours ago
CVE-2024-39486 - 1 day ago
CVE-2024-37260 - 1 day ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-40605 - 10 hours ago
CVE-2024-40604 - 10 hours ago
CVE-2024-40603 - 10 hours ago
CVE-2024-40602 - 10 hours ago
CVE-2024-40601 - 10 hours ago
CVE-2024-40600 - 10 hours ago
CVE-2024-40599 - 10 hours ago
CVE-2024-40598 - 10 hours ago
CVE-2024-40596 - 10 hours ago
CVE-2024-40597 - 10 hours ago
CVE-2024-6095 - 16 hours ago
CVE-2024-37553 - 18 hours ago
CVE-2024-37554 - 17 hours ago
CVE-2024-37547 - 19 hours ago
CVE-2024-37546 - 19 hours ago
CVE-2024-37542 - 21 hours ago
CVE-2024-37541 - 21 hours ago
CVE-2024-37539 - 21 hours ago
CVE-2024-39486 - 1 day ago
CVE-2024-37260 - 1 day ago