CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2023-4428

CVE-2023-4428 affects Chromium-based browsers (Chrome/Chromium) and relates to an out-of-bounds memory access in CSS that could allow a remote attacker to read memory via a crafted HTML page. The issue is classified with high severity and a network attack vector, with user interaction required. T...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 116.0.5845.110, which stemmed from an out-of-bounds read issue in CSS modules...

OPENSUSE-SU-2023:0234-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 116.0.5845.96 New CSS features: Motion Path, and 'display' and 'content-visibility' animations Web APIs: AbortSignal.any, BYOB support for Fetch, Back/ forward cache NotRestoredReason API, Document Picture-in- Picture, Expanded Wildcar...

Critters 跨站脚本漏洞

Critters is a GoogleChromeLabs open source Webpack plugin . Used to inline critical CSS and delay loading the rest. A security vulnerability exists in Critters versions 0.0.17-0.0.19. An attacker exploited the vulnerability to perform cross-site scripting attacks...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2023:0234-1 Rating: important References: 1214003 1214301 Cross-References: CVE-2023-2312 CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353 CVE-2023-4354 CVE-2023-4355 CVE-2023-4356 CVE-2023-43...

CVE-2023-40172

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery CSRF attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do...

CVE-2023-40174

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. Soci...

Design/Logic Flaw

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

Cross site request forgery (csrf)

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery CSRF attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do...

CVE-2023-40172 Cross-Site Request Forgery (CSRF) in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery CSRF attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do...

CVE-2023-40172 Cross-Site Request Forgery (CSRF) in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery CSRF attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do...

CVE-2023-40172

The CVE-2023-40172 entry concerns the Social media skeleton project (PHP/CSS/JavaScript/HTML). The vulnerability is a CSRF weakness present in versions prior to 1.0.5, where insufficient CSRF protections existed; upstream fixes address this in version 1.0.5 and upgrading is advised. Documented im...

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...