The vulnerability in the interface for connecting peripheral devices via USB browsers like Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the interface for connecting peripheral devices via USB in Google Chrome browsers is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created web page...

The vulnerability in the interface for connecting peripheral devices via USB browsers like Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the interface for connecting peripheral devices via USB in Google Chrome browsers is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

DEBIAN-CVE-2023-5482

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

Medium: kernel

Issue Overview: An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used indirectly by ctrlcdevioctl, when mtd-erasesize is 0. CVE-2023-31085 A flaw in the kernel Xen event handler can cause a deadlock with Xen conso...

USN-6466-1 linux-nvidia-6.2 vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that originates from insufficient data validation in the USB module...

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that originates from an integer overflow vulnerability in the USB module...

CLSA-2023-1698312412 Fix CVE(s): CVE-2023-34969, CVE-2020-34969

SECURITY UPDATE: Assign a serial number for messages from the driver - debian/patches/CVE-2023-34969.patch: Fix assertion failure when a monitor is active and a message from the driver cannot be delivered. - CVE-2020-34969...

CVE-2023-46078

Cross-Site Request Forgery CSRF vulnerability in PluginEver WC Serial Numbers plugin = 1.6.3 versions...

CVE-2023-46078

Cross-Site Request Forgery CSRF vulnerability in PluginEver WC Serial Numbers plugin = 1.6.3 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in PluginEver WC Serial Numbers plugin = 1.6.3 versions...

CVE-2023-46078 WordPress Serial Numbers for WooCommerce – License Manager Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in PluginEver WC Serial Numbers plugin = 1.6.3 versions...

CVE-2023-46078 WordPress Serial Numbers for WooCommerce – License Manager Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in PluginEver WC Serial Numbers plugin = 1.6.3 versions...

CVE-2023-46078

CVE-2023-46078 describes a Cross-Site Request Forgery (CSRF) vulnerability in the PluginEver WC Serial Numbers plugin for WooCommerce, affecting versions

WordPress Plugin WC Serial Numbers Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2023-29830 · Pluginever · Pluginever Wc Serial Numbers

Name of the Vulnerable Software and Affected Versions: PluginEver WC Serial Numbers plugin versions 1.6.3 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

Improper access control

UNSUPPORTED WHEN ASSIGNED D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...

CVE-2023-46033

D-Link Non-US DSL-2750U N300 ADSL2+ and Non-US DSL-2730U N150 ADSL2+ are vulnerable to Incorrect Access Control. The UART/Serial interface on the PCB, provides log output and a root terminal without proper access control...