5111 matches found
CVE-2022-20619
A cross-site request forgery CSRF vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-20619
A cross-site request forgery CSRF vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-20619
A cross-site request forgery CSRF vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
VulnCheck KEV: CVE-2013-6719
delivery.php in the Passive Capture Application PCA web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the testconnhost parameter...
MacOS Bug Could Let Creeps Snoop On You
Microsoft on Monday released details about a bug in macOS that Apple fixed last month – named “powerdir” – that could let attackers hijack apps, install their own nasty apps, use the microphone to eavesdrop or grab screenshots of whatever’s displayed on your screen. The vulnerability allows...
Google Chrome resource management error vulnerability
Google Chrome is a Web browser from Google, Inc. A resource management error vulnerability exists in Google Chrome, which stems from the product's screen capture component referencing freed memory. A remote attacker could use this vulnerability to create a specially crafted web page, trick a vict...
CVE-2021-4183
A heap-buffer-overflow vulnerability was found in Wireshark. This flaw allows an attacker with local network access to pass specially crafted capture files, causing an application to halt or crash...
CVE-2021-4184
An infinite-loop flaw was found in Wireshark's DHT dissector module. This flaw allows an attacker with local network access to pass specially crafted capture files, causing an application to halt, crash or go into an infinite loop...
CVE-2021-4181
A denial of service via packet injection flaw was found in wireshark. An attacker with local network access could pass specially crafted capture files causing an application to halt or crash, leading to a denial of service...
Chromium: CVE-2022-0098 Use after free in Screen Capture
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium) < 97.0.1072.55 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 97.0.1072.55. It is, therefore, affected by multiple vulnerabilities as referenced in the January 6, 2022 advisory. - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an...
Denial Of Service (DoS)
wireshark is vulnerable to denial of service. The vulnerability exists because of a fuzz job in the Gryphon dissector which allows an attacker to crash the application via packet injection or crafted capture file...
FreeBSD : chromium -- multiple vulnerabilities (9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec advisory. - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allow...
Google Chrome < 97.0.4692.71 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 97.0.4692.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202201stable-channel-update-for-desktop advisory. - Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed ...
Wireshark Injection Vulnerability (CNVD-2022-11196)
Wireshark formerly known as Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis. An injection vulnerability exists in Wireshark versions 3.4.0 - 3.4.10, which stems fro...
Google Chrome 资源管理错误漏洞
Google Chrome is a Web browser from Google, Inc. A resource management error vulnerability exists in Google Chrome, which stems from the product's screen capture component referencing freed memory. A remote attacker could use this vulnerability to create a specially crafted web page, trick a vict...
Wireshark Injection Vulnerability (CNVD-2022-11201)
Wireshark formerly Ethereal is a set of network packet analysis software from the Wireshark team. Gryphon dissector is one of the Gryphon protocol parsers. An attacker could exploit this vulnerability to cause a denial of service via packet injection or specially crafted capture files...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 97 to the stable channel for Windows, Mac and Linux.This will roll out over the coming days/weeks. Chrome 97.0.4692.71 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
Google Chrome < 97.0.4692.71 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 97.0.4692.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202201stable-channel-update-for-desktop advisory. - Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a...
Wireshark BitTorrent DHT Parser Denial of Service Vulnerability
Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.Gryphon dissector is one of the Gryphon protocol parsers. A security vulnerability exists in...