5837 matches found
[SECURITY] [DSA 4906-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4906-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 27, 2021 https://www.debian.org/security/faq -...
Google Chrome V8 Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from insufficient data validation in V8. An attacker can exploit this vulnerability to bypass security restrictions...
FreeBSD : chromium -- multiple vulnerabilities (9fba80e0-a771-11eb-97a0-e09467587c17)
Chrome Releases reports : This release contains 9 security fixes, including : - 1199345 High CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab on 2021-04-15 - 1175058 High CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages lies in insufficient input data validation, which allows attackers to trigger service failures.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
CVE-2021-21208
Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code...
CVE-2021-21208
Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code...
CVE-2021-21208
CVE-2021-21208 affects Google Chrome/Chromium’s QR scanner. Root cause: insufficient data validation in the QR code scanner on iOS prior to 90.0.4430.72, enabling a crafted QR code to induce domain spoofing. Affected versions are Chrome/Chromium before that build. Remediation: upgrade to Chromium...
CVE-2021-21208
Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code...
Foxit Studio Photo ARW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
KLA12154 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. A data validation vulnerability in V8 can be exploited to bypass...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 9 security fixes, including: 1199345 High CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab on 2021-04-15 1175058 High CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi,...
Memory corruption
Cscape All versions prior to 9.90 SP4 lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process...
Cscape Memory Corruption Vulnerability
Cscape is an application that can program the full range of OCS. A memory corruption vulnerability exists in Cscape versions prior to 9.90 SP4. The vulnerability stems from the affected application failing to properly validate user-supplied data when parsing a project file. An attacker can exploi...
Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
CVE-2021-25678
A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2020 All versions SE2020MP14, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds...
Code injection
A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2020 All versions SE2020MP14, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to pointer dereferences...
Delta Industrial Automation CNCSoft-B DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft-B DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
The vulnerability of Google Chrome and Microsoft Edge web browsers allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of Google Chrome and Microsoft Edge browser QR scanners is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created web page...
Fedora 32 : kernel / kernel-headers / kernel-tools (2021-6b0f287b8b)
The remote Fedora 32 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2021-6b0f287b8b advisory. - An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver...