4506 matches found
Astra Linux - уязвимость в chromium
The use of after-free in ANGLE in Google Chrome before version 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Critical...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass the mixed content policy through a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
Before version 125.0.6422.141, the Streams API in Google Chrome allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the UI of Google Chrome prior to version 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data through a crafted HTML page...
Astra Linux - уязвимость в php7.3
In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, and 8.2. before 8.2.7, when using SOAP HTTP Digest Authentication, the random value generator was not checked for failures. Additionally, the range of values used by the random generator was narrower than necessary. In the event of a random...
Astra Linux - уязвимость в chromium
The inappropriate implementation of the Extensions API in Google Chrome prior to version 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control through a crafted HTML page...
Astra Linux - уязвимость в chromium
Integer overflow in the USB component of Google Chrome prior to version 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Before version 98.0.4758.80, using “after free” in Reader Mode in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
The use of after-free in networks in Google Chrome before version 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
firefox: thunderbird: Use-after-free in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...
firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...
firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...
ROS-20260520-73-0009
A vulnerability in the Base component of Google Chrome and Microsoft Edge browsers is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0060
A vulnerability in the Google Chrome web browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0017
A vulnerability in the JavaScript script handler V8 of Google Chrome and Microsoft Edge browsers is related to writing outside buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260520-73-0049
A vulnerability in the WebCodecs component of the Google Chrome web browser is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data or cause a denial of service via a specially crafted HTML...
ROS-20260520-73-0050
A vulnerability in the Dawn component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
ROS-20260520-73-0053
A vulnerability in the WebGL component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...