CVE-2022-0795

CVE-2022-0795 discusses a type confusion in Blink Layout in Google Chrome/Chromium up to version 99.0.4844.51 that could enable remote heap corruption via a crafted HTML page. The issue is rooted in the browser’s Blink component, exposing a vulnerability when processing HTML content. Public conne...

CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0795

Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Security Vulnerabilities fixed in Thunderbird 91.8 — Mozilla

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the...

Security Vulnerabilities fixed in Firefox ESR 91.8 — Mozilla

NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the...

Linux CWA2109 - KeyboardLayout=(Server Default) setting not work as expected

KeyboardLayout=Server Default in Linux CWA2109 is not working, while Linux CWA2108/2106 is working well...

Use After Free

chrome is vulnerable to use after free. The vulnerability exists due to a memory corruption in Blink Layout which allows an attacker to cause an application crash...

Chromium: CVE-2022-0971 Use after free in Blink Layout

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Microsoft Edge (Chromium) < 99.0.1150.46 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.46. It is, therefore, affected by multiple vulnerabilities as referenced in the March 17, 2022 advisory. - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinc...

CVE-2021-40766

Adobe Character Animator version 4.4 and earlier versions are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction i...

CVE-2021-40769

Adobe Character Animator version 4.4 and earlier versions are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction i...

CVE-2021-39692

In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser by Google, Inc.Blink is a browser layout engine rendering engine jointly developed by Google, Inc. and OperaSoftware, Norway. A resource management error vulnerability exists in Blink Layout for Google Chrome, which stems from the Blink Layout component being reused...

Google Chrome < 99.0.4844.74 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.74. It is, therefore, affected by multiple vulnerabilities as referenced in the 202203stable-channel-update-for-desktop15 advisory. - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed...

Inconsistent storage layout for ERC2771ContextUpgradeable

Impact The storage layout of the ERC2771ContextUpgradeable is not constant between versions. - versions 4.0.0, 4.1.0 and 4.2.0, the contract has a length of 51 slots. - since 4.3.0, the contract has a length of 50 slots - future versions will continue using 50 slots. This difference in layout cou...

GHSA-7J52-6FJP-58GR Inconsistent storage layout for ERC2771ContextUpgradeable

Impact The storage layout of the ERC2771ContextUpgradeable is not constant between versions. - versions 4.0.0, 4.1.0 and 4.2.0, the contract has a length of 51 slots. - since 4.3.0, the contract has a length of 50 slots - future versions will continue using 50 slots. This difference in layout cou...

Keyboard layout dynamic sync not working with East Asian, Cyrillic language usernames

When a user using Windows English OS and the username chars are East Asian/Cyrillic Unicode, the Keyboard layout dynamic sync of the Citrix Workspace App will not work. The remote language bar’s language will always be the first-time synced language when the session is created. Changing Microsoft...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted file...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to buffer overflow errors, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to buffer overflow errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

Denial Of Service (DoS)

Chrome is vulnerable to denial of service. The vulnerability exists due to a Type Confusion in Blink Layout...