Google Android Information Disclosure Vulnerability (CNVD-2023-99046)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...

FFmpeg Out-of-Bounds Read Vulnerability (CNVD-2024-31519)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. An out-of-bounds read vulnerability exists in Ffmpeg, which originates from an out-of-bounds read of the dist alphabetsize variable in the readvlcprefix function. An attacker can exploit th...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from an incorrect security user interface in the Downloads module. An attacker can exploit this vulnerability to bypass security restrictions...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google. Google Android has a security vulnerability that can be exploited by attackers to gain elevated privileges...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that can be exploited by an attacker to gain elevated privileges...

CVE-2023-4693

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...

cURL SOCKS5 Heap Overflow Vulnerability

cURL is a network data transfer project. Usually when we say cURL, we mean the cURL command line tool. cURL's underlying use is the libcurl library. A heap overflow vulnerability exists in cURL SOCKS5, which can be exploited by an attacker to construct a malicious hostname and cause code executio...

Microsoft Message Queuing 安全漏洞

Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A denial of service vulnerability exists in Microsoft Message Queuing, which can be exploited by an attacker to cause a denial of service on a system...

Access Control Error Vulnerability in Cisco SD-WAN vManage

Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. An access control error vulnerability exists in Cisco SD-WAN vManage that stems from improperly enforced access control ...

SA-2023-08-08-CVE-2023-35083

SECURITY ADVISORY 08-08-2023 Product Affected: Ivanti Endpoint Manager A vulnerability was recently discovered for EPM 2022 SU3 and all previous versions. We have a Hotfix available to remediate this vulnerability that can be found by going to CVE-2023-35083 Full details. Please log into the...

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

Silicon Labs Gecko SDK Buffer Error Vulnerability

The Silicon Labs Gecko SDK GSDK is an open source library from Silicon Labs. Combines the Silicon Labs Wireless Software Development Kit SDK and the Gecko platform into one integrated package. A buffer error vulnerability exists in Silicon Labs Gecko SDK. An attacker could exploit this...

Mattermost Resource Management Error Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a resource management error vulnerability. An attacker could exploit this vulnerability to cause the server to consume an abnormal amount of computing resources...

LG mobile security breach

LG mobile is a series of mobile device products from South Korea's Luckin LG. A security vulnerability exists in LG mobile. An attacker could exploit the vulnerability to obtain sensitive information...

GNU Binutils Memory Leak Vulnerability

GNU Binutils is a set of tools for working with binary files. A memory leak vulnerability exists in GNU Binutils, which originates from the function findabstractinstance in dwarf2.c contains a memory leak that can be exploited by an attacker to cause the program to crash...

CVE-2023-0773 Unauthorized Access Control Vulnerability in Uniview IP Camera

The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerabili...

Google Chrome Security Bypass Vulnerability (CNVD-2023-75502)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from an improper implementation of the Prompts module. An attacker can exploit the vulnerability to bypass security restrictions...

Google Chrome Security Bypass Vulnerability (CNVD-2023-75497)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 117.0.5938.62, which stems from an improper implementation of the Custom Mobile Tabs module. An attacker can exploit the vulnerability to bypass security...

Google Chrome Security Bypass Bypass Vulnerability (CNVD-2023-75321)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from inadequate policy enforcement in the Downloads module. An attacker can exploit the vulnerability to bypass security restrictions...

Google Chrome Security Bypass Vulnerability (CNVD-2023-75499)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 117.0.5938.62, which stems from an improper implementation of the Intents module. An attacker can exploit the vulnerability to bypass security restrictions...