5836 matches found
openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0368-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0368-1 advisory. - Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a...
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
Siemens Tecnomatix Plant Simulation WRL File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
The software vulnerability of Dell Alienware Command Center, due to insufficient input data validation, allows a perpetrator to escalate their privileges.
The vulnerability of Dell Alienware Command Center relates to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
GHSA-3VPF-MCJ7-5H38 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages
Impact The Fides web application allows data subject users to request access to their personal data. If the request is approved by the data controller user operating the Fides web application, the data subject's personal data can then retrieved from connected systems and data stores before being...
Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages
Impact The Fides web application allows data subject users to request access to their personal data. If the request is approved by the data controller user operating the Fides web application, the data subject's personal data can then retrieved from connected systems and data stores before being...
Input validation
Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0...
Mitsubishi Electric MELSEC iQ-F series and Mitsubishi Electric MELSEC-F Series Data Forgery Issue Vulnerability
The Mitsubishi Electric MELSEC iQ-F series and Mitsubishi Electric MELSEC-F Series are both products of Mitsubishi Electric Corporation Mitsubishi Electric, Japan. The Mitsubishi Electric MELSEC-F Series is a programmable logic controller, and the Mitsubishi Electric MELSEC-F Series is a basic...
Microsoft Edge (Chromium) < 118.0.2088.88 / 119.0.2151.44 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 118.0.2088.88 / 119.0.2151.44. It is, therefore, affected by multiple vulnerabilities as referenced in the November 2, 2023 advisory. - Microsoft Edge Chromium-based Remote Code Execution Vulnerability CVE-2023-36022,...
FreeBSD : chromium -- multiple vulnerabilities (a1e27775-7a61-11ee-8290-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a1e27775-7a61-11ee-8290-a8a1599412c6 advisory. - Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a...
CVE-2023-29045
Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborati...
Code injection
Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborati...
CVE-2023-29045
Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between collaborati...
Chromium: CVE-2023-5482 Insufficient data validation in USB
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2023-5482
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2023-5482
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
Design/Logic Flaw
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2023-5482
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...