(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

(0Day) Ansys SpaceClaim X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

Adobe InDesign 缓冲区错误漏洞

Adobe InDesign is a set of layout and editing applications from the American company Audobee Adobe. Adobe InDesign suffers from an out-of-bounds write vulnerability that stems from a lack of proper validation of user-supplied data, which can be exploited by an attacker to execute arbitrary code i...

OPENSUSE-SU-2022:10119-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 105.0.5195.102 boo1203102: CVE-2022-3075: Insufficient data validation in Mojo Chromium 105.0.5195.52 boo1202964: CVE-2022-3038: Use after free in Network Service CVE-2022-3039: Use after free in WebSQL CVE-2022-3040: Use after free in...

It can be Underflow

Lines of code Vulnerability details 🎨 Category Data Validation 💥 Impact If amountIn is greater than redeemBase, this happens underflow and reverting the transaction. 📝 Proof of Concept The value of amountIn can set by users so It can be underflow. e.g redeemBase = 5 redeemaddresstest, 10 This...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10119-1 Rating: important References: 1202403 1202964 1203102 Cross-References: CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042 CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046...

WordPress plugin Apasionados Export Post Info 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

Microsoft Edge (Chromium-Based) Insufficient data validation Vulnerability (Sep 2022)

This host is missing an important security update according to Microsoft Edge Chromium-Based update. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Google Chromium Mojo Insufficient Data Validation Vulnerability

Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium,...

Debian DSA-5225-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5225 advisory. A security issue was discovered in Chromium, which could result in the execution of arbitrary code. For the stable distribution bullseye, this problem has been fixed in...

Google Chrome Security Update (stable-channel-update-for-desktop-2022-09) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Security Update (stable-channel-update-for-desktop-2022-09) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Mageia: Security Advisory (MGASA-2022-0318)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0318 Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the new 105 branch with the 105.0.5195.102 version, fixing many bugs and 25 vulnerabilities. Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild. Some of the addressed CVE are listed below: High CVE-2022-3075:...

FreeBSD : chromium -- insufficient data validation in Mojo (f38d25ac-2b7a-11ed-a1ef-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f38d25ac-2b7a-11ed-a1ef-3065ec8fd3ec advisory. - Insufficient data validation in Mojo. CVE-2022-3075 Note that Nessus has not tested for this issue bu...

Chromium: CVE-2022-3075 Insufficient data validation in Mojo

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware of reportsrts that an exploit for CVE-2022-3075 exists in the wild...