5107 matches found
CVE-2021-4064
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2021-4064
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Design/Logic Flaw
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-4064
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2021-4064
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-4064
CVE-2021-4064 affects Chromium-based browsers. A use-after-free in the screen capture component of the Chromium engine before version 96.0.4664.93 could allow a remote attacker to potentially trigger heap corruption and arbitrary code execution or content spoofing through a crafted HTML page. Ups...
CVE-2021-4064
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-4064
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UNIVERGE DT Series vulnerable to missing encryption of sensitive data
Overview UNIVERGE IP Phone DT Series and PC tools for DT Series maintainers IP Phone Manager and Data Maintenance Tool provided by NEC Platforms, Ltd. contain a missing encryption vulnerability CWE-311. NEC Platforms, Ltd. reported this vulnerability to IPA to notify users of its solutions throug...
JVN#13464252: UNIVERGE DT Series vulnerable to missing encryption of sensitive data
UNIVERGE IP Phone DT Series and PC tools for DT Series maintainers IP Phone Manager and Data Maintenance Tool provided by NEC Platforms, Ltd. contain a missing encryption vulnerability CWE-311. Impact If a remote attacker who can access to the internal network setting the product analyzes packets...
The vulnerability of the Screen Capture function in Microsoft Edge and Google Chrome browsers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Screen Capture function in Microsoft Edge and Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code or cause a service failure...
PT-2021-12: Authentication pypass by capture-replay in FX5U(C) CPU and FX5UJ CPU modules
The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the possibility of bypass authorization using capture-replay of intercepted parameters. Exploitation of the vulnerability may allow an attacker who has intercepted the parameters of the...
CVE-2021-43821
Opencast before versions 9.10 and 10.6 is vulnerable to an issue where ingested media packages can reference local file URLs, causing the system to open and include local host files and expose them via the web interface. The root cause is the ability to include local files during ingests, allowin...
CVE-2021-43807
Opencast is vulnerable to HTTP method spoofing in versions prior to 9.10. An attacker can override the intended HTTP method via a URL parameter, turning GET into PUT or form submissions into DELETE, enabling state-changing actions and CSRF bypasses. The issue is fixed in Opencast 9.10 and 10.0. M...
Denial Of Service (DoS)
wireshark:bullseye is vulnerable to denial of service.Buffer overflow in the Bluetooth HCIISO dissector in Wireshark allows denial of service via packet injection or crafted capture file...
Denial Of Service (DoS)
wireshark is vulnerable to denial of service. The vulnerability exists due to a large loop in the Bluetooth DHT dissector which allows denial of service via packet injection or crafted capture file...
Denial Of Service (DoS)
wireshark is vulnerable to denial of service.The vulnerability exists through the buffer overflow in the C12.22 dissector, allowing an attacker to cause denial of service via packet injection or crafted capture file...
UiPath Assistant安全漏洞
UiPath Assistant is a specialized tool from UiPath designed to make interacting with bots from the desktop easy and fun.A security vulnerability exists in UiPath Assistant 21.4.4, which stems from a lack of effective trust management mechanisms in networked systems or products. An attacker could...
Debian DSA-5019-1 : wireshark - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5019 advisory. - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted captur...
Chromium: CVE-2021-4064 Use after free in screen capture
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...