212 matches found
Heap overflow
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
UBUNTU-CVE-2022-3655
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10180-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10180-1 advisory. - Type Confusion in V8. CVE-2022-3652, CVE-2022-3723 - Heap buffer overflow in Vulkan. CVE-2022-3653 - Use after free in Layout...
CVE-2022-3655
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-3655
CVE-2022-3655 describes a heap buffer overflow in Chrome/Chromium’s Media Galleries. Multiple sources (Chrome release notes and security trackers) confirm this affects Chrome before version 107.0.5304.62, with the risk that a user who installs a crafted malicious extension could trigger heap corr...
CVE-2022-3655
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-3655
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10177-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10177-1 advisory. - Type Confusion in V8. CVE-2022-3652, CVE-2022-3723 - Heap buffer overflow in Vulkan. CVE-2022-3653 - Use after free in Layout...
Chromium: CVE-2022-3655 Heap buffer overflow in Media Galleries
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Google Chrome Media Galleries Buffer Overflow Vulnerability
Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome Media Galleries, which is caused by a failure of Media Gallery to properly bounds check. An attacker could exploit the vulnerability to make an overflow buffer and execute arbitrary code on th...
Microsoft Edge (Chromium) < 107.0.1418.24 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 107.0.1418.24. It is, therefore, affected by multiple vulnerabilities as referenced in the October 27, 2022 advisory. - Type Confusion in V8. CVE-2022-3652 - Heap buffer overflow in Vulkan. CVE-2022-3653 - Use after fr...
KLA20019 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in V8 can be exploited to cause denial of service. 2. Use...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome Media Galleries, which is caused by a failure of Media Gallery to properly bounds check. An attacker could exploit the vulnerability to make an overflow buffer and execute arbitrary code on th...
Google Chrome < 107.0.5304.62 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 107.0.5304.62. It is, therefore, affected by multiple vulnerabilities as referenced in the 202210stable-channel-update-for-desktop25 advisory. - Use after free in Accessibility in Google Chrome on Chrome OS prior to...
Design/Logic Flaw
Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...
CVE-2022-28202
A flaw was found in MediaWiki. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...
Cross-site Scripting (XSS)
An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...
CVE-2022-28202
An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...
DEBIAN-CVE-2022-28202
An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...
CVE-2022-28202
An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...