2981 matches found
CVE-2023-4362
Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
Google Chrome Buffer Error Vulnerability
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome prior to version 116.0.5845.96, which stems from a heap buffer overflow in the Mojom IDL, which allows remote attackers to exploit heap corruption to gain control of the WebUI...
K000135831: Node.js vulnerability CVE-2023-32067
Security Advisory Description c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interpret...
Malicious code in trino-webui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 319ac64c46d918e612d241b2c7d5f57be824b74a4da37d947f5d2b8c0bb90c3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1021 Malicious code in trino-webui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 319ac64c46d918e612d241b2c7d5f57be824b74a4da37d947f5d2b8c0bb90c3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
HCL Technologies BigFix Mobile Command Injection Vulnerability
HCL Technologies BigFix Mobile is a Mobile Device Management (MDM) solution from HCL Technologies. It is designed to help businesses and organizations effectively manage and secure mobile devices, including smartphones, tablets and other mobile devices. HCL Technologies BigFix Mobile suffers from a...
CVE-2023-28012
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server...
Command injection
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server...
CVE-2023-28012 HCL BigFix Mobile can be affected by a command injection vulnerability
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server...
CVE-2023-28012 HCL BigFix Mobile can be affected by a command injection vulnerability
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server...
CVE-2023-28012
CVE-2023-28012 affects HCL BigFix Mobile WebUI server. The vulnerability is a command injection flaw where input is not properly filtered, allowing an authenticated attacker to execute arbitrary shell commands on the WebUI server. Reported impact includes high confidentiality, integrity, and avai...
CVE-2023-28023
A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems server machine and all the ones in its network...
Cross site request forgery (CSRF)
A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems server machine and all the ones in its network...
CVE-2023-28020
URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header...
CVE-2023-28021
The BigFix WebUI uses weak cipher suites...
Code injection
The BigFix WebUI uses weak cipher suites...
XXE
URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header...
CVE-2023-28023 HCL BigFix WebUI Software Distribution is affected by a cross site server request forgery vulnerability
A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems server machine and all the ones in its network...
CVE-2023-28023
The CVE-2023-28023 issue affects the BigFix WebUI Software Distribution interface (versions prior to 44). A cross-site request forgery allows an attacker to access files on server-side systems (server machine and networked hosts). The PT Security advisory for BigFix WebUI recommends upgrading to ...
CVE-2023-28021 BigFix WebUI is vulnerable to use of a risky cryptographic algorithm
The BigFix WebUI uses weak cipher suites...