Lucene search
K

5107 matches found

OSV
OSV
added 2021/12/23 1:15 a.m.6 views

CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.2AI score
Exploits0References5
OSV
OSV
added 2021/12/23 1:15 a.m.1 views

DEBIAN-CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.5AI score0.0128EPSS
Exploits0References1
Prion
Prion
added 2021/12/23 1:15 a.m.26 views

Design/Logic Flaw

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS8.8AI score0.0128EPSS
Exploits0References5Affected Software3
UbuntuCve
UbuntuCve
added 2021/12/23 1:15 a.m.22 views

CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.0128EPSS
Exploits0References1
OSV
OSV
added 2021/12/23 1:15 a.m.1 views

UBUNTU-CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.0128EPSS
Exploits0References2
CVE
CVE
added 2021/12/23 12:45 a.m.114 views

CVE-2021-4064

CVE-2021-4064 affects Chromium-based browsers. A use-after-free in the screen capture component of the Chromium engine before version 96.0.4664.93 could allow a remote attacker to potentially trigger heap corruption and arbitrary code execution or content spoofing through a crafted HTML page. Ups...

8.8CVSS8.8AI score0.0128EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2021/12/23 12:45 a.m.21 views

CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.1AI score0.0128EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2021/12/23 12:45 a.m.24 views

CVE-2021-4064

Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.6AI score0.0128EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/17 7:57 a.m.2 views

UNIVERGE DT Series vulnerable to missing encryption of sensitive data

Overview UNIVERGE IP Phone DT Series and PC tools for DT Series maintainers IP Phone Manager and Data Maintenance Tool provided by NEC Platforms, Ltd. contain a missing encryption vulnerability CWE-311. NEC Platforms, Ltd. reported this vulnerability to IPA to notify users of its solutions throug...

5.3CVSS6.5AI score0.01066EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/17 12:0 a.m.52 views

JVN#13464252: UNIVERGE DT Series vulnerable to missing encryption of sensitive data

UNIVERGE IP Phone DT Series and PC tools for DT Series maintainers IP Phone Manager and Data Maintenance Tool provided by NEC Platforms, Ltd. contain a missing encryption vulnerability CWE-311. Impact If a remote attacker who can access to the internal network setting the product analyzes packets...

5.3CVSS5.2AI score0.01066EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/12/17 12:0 a.m.3 views

The vulnerability of the Screen Capture function in Microsoft Edge and Google Chrome browsers allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Screen Capture function in Microsoft Edge and Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code or cause a service failure...

10CVSS8.2AI score0.0128EPSS
Exploits0References7Affected Software4
Positive Technologies
Positive Technologies
added 2021/12/15 12:0 a.m.15 views

PT-2021-12: Authentication pypass by capture-replay in FX5U(C) CPU and FX5UJ CPU modules

The vulnerability of the FX5UC CPU and FX5UJ CPU modules of Mitsubishi Electric FA products is associated with the possibility of bypass authorization using capture-replay of intercepted parameters. Exploitation of the vulnerability may allow an attacker who has intercepted the parameters of the...

8.1CVSS8.1AI score0.02068EPSS
Exploits0
CVE
CVE
added 2021/12/14 7:15 p.m.131 views

CVE-2021-43821

Opencast before versions 9.10 and 10.6 is vulnerable to an issue where ingested media packages can reference local file URLs, causing the system to open and include local host files and expose them via the web interface. The root cause is the ability to include local files during ingests, allowin...

9.9CVSS7.5AI score0.01964EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2021/12/14 6:10 p.m.74 views

CVE-2021-43807

Opencast is vulnerable to HTTP method spoofing in versions prior to 9.10. An attacker can override the intended HTTP method via a URL parameter, turning GET into PUT or form submissions into DELETE, enabling state-changing actions and CSRF bypasses. The issue is fixed in Opencast 9.10 and 10.0. M...

7.5CVSS6.6AI score0.01416EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2021/12/14 10:8 a.m.17 views

Denial Of Service (DoS)

wireshark:bullseye is vulnerable to denial of service.Buffer overflow in the Bluetooth HCIISO dissector in Wireshark allows denial of service via packet injection or crafted capture file...

7.5CVSS3.3AI score0.07502EPSS
Exploits1References10Affected Software1
Veracode
Veracode
added 2021/12/14 10:7 a.m.29 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service. The vulnerability exists due to a large loop in the Bluetooth DHT dissector which allows denial of service via packet injection or crafted capture file...

7.5CVSS2.6AI score0.04928EPSS
Exploits1References11Affected Software1
Veracode
Veracode
added 2021/12/14 10:7 a.m.27 views

Denial Of Service (DoS)

wireshark is vulnerable to denial of service.The vulnerability exists through the buffer overflow in the C12.22 dissector, allowing an attacker to cause denial of service via packet injection or crafted capture file...

7.5CVSS3.7AI score0.05178EPSS
Exploits1References11Affected Software1
CNNVD
CNNVD
added 2021/12/14 12:0 a.m.4 views

UiPath Assistant安全漏洞

UiPath Assistant is a specialized tool from UiPath designed to make interacting with bots from the desktop easy and fun.A security vulnerability exists in UiPath Assistant 21.4.4, which stems from a lack of effective trust management mechanisms in networked systems or products. An attacker could...

10CVSS5.9AI score0.01747EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/12/11 12:0 a.m.42 views

Debian DSA-5019-1 : wireshark - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5019 advisory. - Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted captur...

7.5CVSS6.8AI score0.07885EPSS
Exploits10References28
Microsoft CVE
Microsoft CVE
added 2021/12/10 8:0 a.m.31 views

Chromium: CVE-2021-4064 Use after free in screen capture

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.0128EPSS
Exploits0
Rows per page
Query Builder