193 matches found
PT-2024-19767 · Apple · Macos Sonoma +4
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 17.4 iOS versions prior to 17.4 iPadOS versions prior to 17.4 macOS Sonoma versions prior to 14.4 Description: The issue was addressed through improved state management, affecting Private Browsing tabs which may be...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
Code injection
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
Chatwork Desktop Application (Mac) vulnerable to code injection
Overview Chatwork Desktop Application Mac provided by Chatwork Co., Ltd. contains a code injection vulnerability CWE-94. Koh M. Nakagawa of FFRI Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...
Chatwork 代码注入漏洞
Chatwork is a business group chat application from Chatwork, Inc. A security vulnerability exists in Chatwork Desktop Application version 2.6.43 and earlier, which stems from a code injection vulnerability that allows a non-administrative user to store and access audio and image data for the...
CVE-2023-32546
Code injection vulnerability exists in Chatwork Desktop Application Mac 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent...
PT-2023-23867 · Unknown · Chatwork Desktop Application
Name of the Vulnerable Software and Affected Versions: Chatwork Desktop Application Mac versions 2.6.43 and earlier Description: A code injection issue exists, allowing a non-administrative user of the Mac where the product is installed to store and obtain audio and image data from the product...
SUSE CVE-2012-4186
Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors...
SUSE CVE-2021-21166
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2021-28899
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16...
The vulnerability of the RDP client FreeRDP, related to the issue of operations going beyond the buffer in memory, allows an attacker to gain access to read, modify, or delete audio/video data.
The vulnerability of the RDP client FreeRDP arises from the issue of the operation going beyond the buffer boundaries in memory when the /video command-line parameter is used. Exploiting this vulnerability can allow a remote attacker to gain access to, read, modify, or delete audio/video data...
UBUNTU-CVE-2020-23906
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service DoS via a crafted audio file due to insufficient verification of data authenticity...
UBUNTU-CVE-2021-28899
Vulnerability in the AC3AudioFileServerMediaSubsession, ADTSAudioFileServerMediaSubsession, and AMRAudioFileServerMediaSubsessionLive OnDemandServerMediaSubsession subclasses in Networks LIVE555 Streaming Media before 2021.3.16...
CVE-2020-27607
In BigBlueButton before 2.2.28 or earlier, the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or...
CVE-2020-27607
In BigBlueButton before 2.2.28 or earlier, the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or...
Code injection
In BigBlueButton before 2.2.28 or earlier, the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or...
CVE-2020-27607
In BigBlueButton before 2.2.28 or earlier, the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or...
CVE-2020-27607
CVE-2020-27607 affects BigBlueButton before 2.2.28. The client-side Mute button does not directly stop sending audio; it only signals the server to stop accepting audio data. A modified server could store audio data and/or transmit it to participants or third parties. Affected component: client-s...
Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2018-1104)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...