5126 matches found
CVE-2024-41670
In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...
CVE-2024-41670 PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard
In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...
CVE-2024-41684 Cookie Without Secure Flag Set Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system...
Google Chrome < 126.0.6367.182 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 126.0.6367.182. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop advisory. - Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182...
openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0212-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0212-1 advisory. Chromium 126.0.6478.182 boo1227979: - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Us...
OPENSUSE-SU-2024:0212-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 126.0.6478.182 boo1227979: - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Use after free in Screen Capture - CVE-2024-6775: Use after free in Media Stream - CVE-2024-6776: Use...
Medium: wireshark
Issue Overview: Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture fil...
Medium: wireshark
Issue Overview: Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file CVE-2022-3190 Memory handling issue in editcap could cause denial of service via crafted capture file...
Mageia: Security Advisory (MGASA-2024-0273)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-38438
D-Link - CWE-294: Authentication Bypass by Capture-replay...
CVE-2024-38438
D-Link - CWE-294: Authentication Bypass by Capture-replay...
CVE-2024-38438 D-Link - CWE-294: Authentication Bypass by Capture-replay
D-Link - CWE-294: Authentication Bypass by Capture-replay...
CVE-2024-38438
CVE-2024-38438 refers to a D-Link vulnerability described as CWE-294: Authentication Bypass by Capture-replay. The connected sources list a CVSS v3.1 base score of 9.8 (Network, Privileges Required: None, User Interaction: None, Scope: Unchanged) with High impact on Confidentiality, Integrity, an...
Fedora 40 : chromium (2024-2a56aeb66b)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2a56aeb66b advisory. update to 126.0.6478.182 High CVE-2024-6772: Inappropriate implementation in V8 High CVE-2024-6773: Type Confusion in V8 High CVE-2024-6774: Use aft...
Updated chromium-browser-stable packages fix security vulnerabilities
Inappropriate implementation in V8. CVE-2024-6772 Type Confusion in V8. CVE-2024-6773 Use after free in Screen Capture. CVE-2024-6774 Use after free in Media Stream. CVE-2024-6775 Use after free in Audio. CVE-2024-6776 Use after free in Navigation. CVE-2024-6777 Race in DevTools. CVE-2024-6778 Ou...
Fedora 39 : chromium (2024-d9916cb7e2)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d9916cb7e2 advisory. update to 126.0.6478.182 High CVE-2024-6772: Inappropriate implementation in V8 High CVE-2024-6773: Type Confusion in V8 High CVE-2024-6774: Use aft...
Chromium: CVE-2024-6774 Use after free in Screen Capture
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2024-6774
Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Unspecified Vulnerability in Google Chrome (CNVD-2024-35185)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from a post-release usage issue found in the Screen Capture module. No details of the vulnerability are provided at this time...
Google Chrome Security Update (stable-channel-update-for-desktop-2024-07) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...