Improper Neutralization

Improper Neutralization in CefSharp.Common.NETCore...

Improper Neutralization

Improper Neutralization in CefSharp.Common...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in vp8 encoding in libvpx. Remediation Upgrade CefSharp.Common.NETCore to version 117.2.20 or higher. References - Chrome Releases - GitHub Commit - GitHub Commit - GitHub PR - GitHub PR - GitHub PR - GitHub P...

Heap-based Buffer Overflow

Overview CefSharp.Common is a the CefSharp Chromium-based browser component 'Core' and common 'Element' components, needed by both WPF and WinForms. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in vp8 encoding in libvpx. Remediation Upgrade CefSharp.Common to...

GHSA-J646-GJ5P-P45G CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

Rockwell Automation Connected Components Workbench

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : Rockwell Automation Equipment : Connected Components Workbench Vulnerabilities : Use After Free, Out-of-bounds Write 2. RISK...

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

Heap-based Buffer Overflow

Overview CefSharp.Common is a the CefSharp Chromium-based browser component 'Core' and common 'Element' components, needed by both WPF and WinForms. Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the ReadHuffmanCodes function is used. An attacker can craft a...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the ReadHuffmanCodes function is used. An attacker can craft a special WebP lossless file that triggers the ReadHuffmanCodes function to allocate the HuffmanCode buffer with a size that comes from an arra...

Use after free in CefSharp

CVE-2020-16017: Use after free in site isolation - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop11.html - https://vulners.com/cve/CVE-2020-16017 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is currently...

GHSA-GVQV-779R-4JGP Use after free in CefSharp

CVE-2020-16017: Use after free in site isolation - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop11.html - https://vulners.com/cve/CVE-2020-16017 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is currently...

Inappropriate implementation in V8 in CefSharp

High CVE-2020-16013: Inappropriate implementation in V8. - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop11.html - https://vulners.com/cve/CVE-2020-16013 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is...

GHSA-X7FX-MCC9-27J7 Inappropriate implementation in V8 in CefSharp

High CVE-2020-16013: Inappropriate implementation in V8. - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop11.html - https://vulners.com/cve/CVE-2020-16013 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is...

GHSA-PV36-H7JH-QM62 Heap buffer overflow in CefSharp

Impact A memory corruption bugHeap overflow in the FreeType font rendering library. This can be exploited by attackers to execute arbitrary code by using specially crafted fonts with embedded PNG images . As per https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/ Goog...

CVE-2020-25826

PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe...

CVE-2020-25826

PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe...

Code injection

PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe...