Lucene search
K

21 matches found

Talos Blog
Talos Blog
added 2024/09/06 10:0 a.m.62 views

Vulnerability in Tencent WeChat custom browser could lead to remote code execution

Certain versions of WeChat, a popular messaging app created by tech giant Tencent, contain a type confusion vulnerability that could allow an adversary to execute remote code. While this issue, CVE-2023-3420, was disclosed and patched in the V8 engine in June 2023, the WeChat Webview component wa...

8.8CVSS8.9AI score0.56192EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.22 views

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.56192EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/24 12:0 a.m.205 views

openSUSE 15 Security Update : opera (openSUSE-SU-2023:0251-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0251-1 advisory. - Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process...

8.8CVSS8AI score0.56192EPSS
Exploits2References73
Tenable Nessus
Tenable Nessus
added 2023/07/14 12:0 a.m.29 views

FreeBSD : electron22 -- multiple vulnerabilities (3446e45d-a51b-486f-9b0e-e4402d91fed6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3446e45d-a51b-486f-9b0e-e4402d91fed6 advisory. - Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to...

8.8CVSS8.6AI score0.56192EPSS
Exploits0References7
FreeBSD
FreeBSD
added 2023/07/12 12:0 a.m.34 views

electron22 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-3422. Security: backported fix for CVE-2023-3421. Security: backported fix for CVE-2023-3420...

8.8CVSS7AI score0.56192EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/06 12:0 a.m.25 views

FreeBSD : electron{23,24} -- multiple vulnerabilities (d1681df3-421e-4a63-95b4-a3d6e29d395d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d1681df3-421e-4a63-95b4-a3d6e29d395d advisory. - Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to...

8.8CVSS8.6AI score0.56192EPSS
Exploits0References7
FreeBSD
FreeBSD
added 2023/07/05 12:0 a.m.29 views

electron{23,24} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-3422. Security: backported fix for CVE-2023-3421. Security: backported fix for CVE-2023-3420...

8.8CVSS7AI score0.56192EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/30 12:0 a.m.170 views

Microsoft Edge (Chromium) < 114.0.1823.67 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1823.67. It is, therefore, affected by multiple vulnerabilities as referenced in the June 29, 2023 advisory. - Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentiall...

8.8CVSS8.4AI score0.56192EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2023/06/29 10:2 p.m.52 views

Chromium: CVE-2023-3420 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.56192EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/06/29 12:0 a.m.41 views

KLA50556 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Guest View can be exploited to cause denial of service or...

8.8CVSS9.7AI score0.56192EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2023/06/29 12:0 a.m.69 views

KLA50530 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in V8 can be exploited to cause denial of service. 2. Use after free...

8.8CVSS9.9AI score0.56192EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/06/29 12:0 a.m.25 views

Debian: Security Advisory (DSA-5440-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.56192EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2023/06/29 12:0 a.m.8 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2023:0159-1 Rating: important References: 1212755 Cross-References: CVE-2023-3420 CVE-2023-3421 CVE-2023-3422 Affected Products: openSUSE Backports SLE-15-SP4 openSUSE Backports SLE-15-SP5 An update that fixes thr...

8.8CVSS9.6AI score0.56192EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/06/27 12:0 a.m.27 views

FreeBSD : chromium -- multiple vulnerabilities (ad05a737-14bd-11ee-8290-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ad05a737-14bd-11ee-8290-a8a1599412c6 advisory. - Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to...

8.8CVSS8.6AI score0.56192EPSS
Exploits0References5
OSV
OSV
added 2023/06/26 9:15 p.m.19 views

CVE-2023-3420

Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score
Exploits0References6
UbuntuCve
UbuntuCve
added 2023/06/26 9:15 p.m.32 views

CVE-2023-3420

Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.56192EPSS
Exploits0References3
CVE
CVE
added 2023/06/26 8:40 p.m.191 views

CVE-2023-3420

CVE-2023-3420 describes a Type Confusion in V8 affecting Google Chrome/Chromium before 114.0.5735.198, allowing a remote attacker to trigger heap corruption via a crafted HTML page. Affected downstream advisories/coordination reference Chromium fixes prior to 114.0.5735.198 (e.g., Debian DSA-5440...

8.8CVSS8.4AI score0.56192EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/26 8:40 p.m.9 views

CVE-2023-3420

Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.5AI score0.56192EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2023/06/26 12:0 a.m.25 views

KLA50500 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Guest View can be exploited to cause denial of service or...

8.8CVSS9.8AI score0.56192EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/06/26 12:0 a.m.27 views

Google Chrome < 114.0.5735.198 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 114.0.5735.198. It is, therefore, affected by multiple vulnerabilities as referenced in the 202306stable-channel-update-for-desktop26 advisory. - Use after free in Guest View in Google Chrome prior to 114.0.5735.198...

8.8CVSS8.6AI score0.56192EPSS
Exploits0References7
Rows per page
Query Builder