100 matches found
Debian DSA-5244-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5244 advisory. - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install...
openSUSE 15 Security Update : opera (openSUSE-SU-2022:10130-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10130-1 advisory. - Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a...
Google Chrome < 106.0.5249.61 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 202209stable-channel-update-for-desktop27 advisory. - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior ...
CVE-2022-3201
creationtimestamp| type| source ---|---|--- 2022-09-26 20:28:48+00:00| seen| https://t.me/cibsecurity/50521 2022-09-29 15:30:06+00:00| seen| https://t.me/truesecator/3490...
CVE-2022-3201
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2022-3201
CVE-2022-3201 affects Google Chrome/DevTools on ChromeOS with insufficient input validation in DevTools prior to 105.0.5195.125, enabling a crafted HTML page via a user-instigated malicious extension to bypass navigation restrictions. The issue is tied to Chrome/Chromium DevTools input handling a...
CVE-2022-3201
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2022-3201
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10123-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10123-1 advisory. - Out of bounds write in Storage. CVE-2022-3195 - Use after free in PDF. CVE-2022-3196, CVE-2022-3197, CVE-2022-3198 - Use after free in...
Stable Channel Update for Desktop
The Stable channel has been updated to 105.0.5195.125 for Mac and Linux, 105.0.5195.125/126/127 which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted unt...
Google Chrome < 105.0.5195.125 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 105.0.5195.125. It is, therefore, affected by multiple vulnerabilities as referenced in the 202209stable-channel-update-for-desktop14 advisory. - Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.12...
Security update for log4j (important)
openSUSE Security Update: Security update for log4j Announcement ID: openSUSE-SU-2021:1601-1 Rating: important References: 1193743 Cross-References: CVE-2021-44228 CVE-2021-45046 CVSS scores: CVE-2021-44228 NVD : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-44228 SUSE: 9.8...
Cisco IOS Tcl DoS (cisco-sa-tcl-dos-MAZQUnMF)
According to its self-reported version, IOS is affected by a vulnerability in the Tool Command Line Tcl interpreter due to insufficient input validation of data passed to the Tcl interpreter. An authenticated, unprivileged, and local attacker can exploit this, by executing crafted Tcl arguments o...
CVE-2020-3201 Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability
A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient inp...
CVE-2020-3201
CVE-2020-3201 describes a DoS in Cisco IOS and IOS XE caused by insufficient input validation in the Tcl interpreter. An authenticated, local attacker with privileged EXEC credentials can trigger crafted Tcl arguments to cause the device to reload. Relevant details come from Cisco advisories and ...
RHEL 7 : Ansible (RHSA-2019:3201)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3201 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...
Important: Red Hat Security Advisory: Ansible security update
An update is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2018-3201
CVE-2018-3201 affects Oracle WebLogic Server (Fusion Middleware) specifically the WLS Core Components in version 12.2.1.3. The vulnerability allows an unauthenticated attacker with network access via T3 to compromise WebLogic Server, potentially resulting in a takeover of the server (high/critica...
CVE-2017-3201
CVE-2017-3201 affects Flamingo amf-serializer by Exadel, version 2.2.0. The AMF3 deserializer derives class instances from java.io.Externalizable instead of flash.utils.IExternalizable, enabling a remote attacker who can spoof/control an RMI server to send serialized Java objects that execute arb...
Virtuozzo Linux Errata and Bugfix Advisory 2017:3201
Upstream security update. Follow RHBA-2017:3201 for details...