Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1527-1 Rating: important References: 1176791 Cross-References: CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 Affected Products: openSUSE Leap 15.2...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server packages arises from insufficient validation of input data, allowing unauthorized access to data modifications.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Foundation, and Microsoft SharePoint Enterprise Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to and modify data...

Fortinet FortiAnalyzer Cross-Site Scripting Vulnerability (CNVD-2020-53812)

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...

FreeBSD : chromium -- multiple vulnerabilities (e68d3db1-fd04-11ea-a67f-e09467587c17)

Chrome Releases reports : This release fixes 10 security issues, including : - 1100136 High CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous on 2020-06-28 - 1114636 High CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-10 -...

CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6571

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Input validation

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Input validation

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-6571

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

UBUNTU-CVE-2020-6571

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2020-6571

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2020-6571

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2020-15964

CVE-2020-15964 is a Chrome/Chromium vulnerability affecting the media component (V8) with a pre-85.0.4183.121 build. The issue is described as an out-of-bounds write in V8 that could enable remote arbitrary code execution, tied to heap corruption in crafted HTML pages. Multiple connected advisori...

CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Denial Of Service (DoS)

wireshark is vulnerable to denial of service DoS. The vulnerability exists as the NetScaler file parser could crash through poor data validation in wiretap/netscaler.c...

Authorization Bypass

chrome is vulnerable to authorization bypass. Insufficient data validation in the SQLite allows a remote attacker to bypass authorization measures via a malicious HTML page...