46 matches found
CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
Stable Channel Update for Desktop
The Stable channel has been updated to 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 130.0.6723.59 for Windows and Mac whi...
SUSE CVE-2016-9955
The SimpleSAMLXMLValidator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service memory consumption by leveraging improper conversion of return values to boolean...
CVE-2020-9955
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2020-9955
CVE-2020-9955 is an ImageIO out-of-bounds write vulnerability in Apple platforms. Apple reports that processing a maliciously crafted image may lead to arbitrary code execution. Concrete details across connected sources show the issue affecting ImageIO on iOS 14.0 / iPadOS 14.0, tvOS 14.0, watchO...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1205)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-9955
Zyxel devices including ATP200/ATP500/ATP800, USG and ZyWALL series (e.g., USG20-VPN/USG1100/USG1900/ ZyWALL 110/310) are affected by CVE-2019-9955. The vulnerability is a reflected Cross-Site Scripting flaw on the security firewall login page caused by unsanitized mp_idx parameter in weblogin.cg...
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
Exploit for hardware platform in category web applications Exploit Title: Reflected XSS on Zyxel login pages Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE :...
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
Exploit Title: Reflected XSS on Zyxel login pages Date: 10 Apr 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE : 2019-9955 1. Description ==============...
CVE-2018-9955
Foxit Reader 9.0.1.1049 is affected by CVE-2018-9955. The vulnerability resides in the XFA Button resolveNode method and is due to not validating the existence of an object before performing operations, enabling remote code execution under the current process when a user opens a malicious file/pa...
CVE-2014-9955
CVE-2014-9955 is an elevation-of-privilege vulnerability affecting Android, specifically in Qualcomm closed‑source components with the Android kernel as the platform. The connected CVE records confirm the issue is associated with Qualcomm closed‑source components and that fixes are not delivered ...
Debian: Security Advisory (DLA-1298-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1298-1 : simplesamlphp security update
Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2016-9814 & CVE-2016-9955 An incorrect check of return values in the signature validation utilities allowed an attacker to get invalid signatures accepted as valid i...
[SECURITY] [DLA 1297-1] simplesamlphp security update
Package : simplesamlphp Version : 1.9.2-1+deb7u3 CVE ID : CVE-2016-9814 CVE-2016-9955 Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2016-9814 & CVE-2016-9955 An incorrect check of return values in the signature...
CVE-2017-9955
The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...