PT-2023-17965 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a missing permission check in the requestAppKeyboardShortcuts function of WindowManagerService.java. This could allow an attacker to infer the app a user is interacting with,...

OESA-2023-1263 screen security update

Screen is a full-screen window manager that multiplexes a physical terminal between several processes,typically interactive shells. Security Fixes: socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to...

April 25, 2023—KB5025297 (OS Build 19045.2913) Preview

April 25, 2023—KB5025297 OS Build 19045.2913 Preview 3/21/23 REMINDER After March 21, 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates known as the "B" or...

CVE-2023-21026

In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

Denial Of Service (DoS)

Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the integer overflow in Window Manager, which allows an attacker to convince a user to engage in specific UI interactions to perform an out-of-bounds memory write via crafted UI interaction, leading to an...

The vulnerability of the Google Chrome browser’s window manager allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Google Chrome browser’s window manager is caused by a numerical overflow condition. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...

Fedora: Security Advisory for kwin (FEDORA-2023-e31c3e4b6c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: kwin-5.27.1-2.fc37

KDE Window manager...

SUSE CVE-2017-7875

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free...

SUSE CVE-2022-3052

Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions...

CVE-2023-21440

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Feb-2023 Release 1 prior to Release 1, which stems from incorrect access control in...

CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

DEBIAN-CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

Integer overflow

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

UBUNTU-CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome prior to version 104.0.5112.79, which originates from an integer overflow in the window manager and allows remote attackers to convince a user to engage in certain UI interactio...