Microsoft Edge (Chromium) < 101.0.1210.32 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 101.0.1210.32. It is, therefore, affected by multiple vulnerabilities as referenced in the April 28, 2022 advisory. - Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 30 security fixes, including: 1313905 High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park SeHwa on 2022-04-06 1299261 High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park SeHwa on 2022-02-20 1305190 High...

KLA12517 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Input can...

GSD-2022-1002515 llc: only change llc->dev when bind() succeeds

llc: only change llc-dev when bind succeeds This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.309 by commit...

GSD-2022-1002387 gcc-plugins: latent_entropy: use /dev/urandom

gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.276 by commit...

GSD-2022-1002158 gcc-plugins: latent_entropy: use /dev/urandom

gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.190 by commit...

GSD-2022-1002157 ipv6: fix panic when forwarding a pkt with no in6 dev

ipv6: fix panic when forwarding a pkt with no in6 dev This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.190 by commit...

GSD-2022-1001951 gcc-plugins: latent_entropy: use /dev/urandom

gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.112 by commit...

GSD-2022-1001933 llc: only change llc->dev when bind() succeeds

llc: only change llc-dev when bind succeeds This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.32 by commit...

GSD-2022-1001647 gcc-plugins: latent_entropy: use /dev/urandom

gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.35 by commit...

GSD-2022-1000963 gcc-plugins: latent_entropy: use /dev/urandom

gcc-plugins: latententropy: use /dev/urandom This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.4 by commit...

dev-socio.themaiapp.com Cross Site Scripting vulnerability OBB-2552260

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Slackware: Security Advisory (SSA:2009-111-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Into the Breach: Breaking Down 3 SaaS App Cyber Attacks in 2022

During the last week of March, three major tech companies - Microsoft, Okta, and HubSpot - reported significant data breaches. DEV-0537, also known as LAPSUS$, performed the first two. This highly sophisticated group utilizes state-of-the-art attack vectors to great success. Meanwhile, the group...

dev-lyss.gemeinde.ch Cross Site Scripting vulnerability OBB-2467521

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2022-1222

Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV...

CVE-2022-1222

Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV...

Design/Logic Flaw

Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV...

CVE-2022-1222

Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV...

DEBIAN-CVE-2022-1172

Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV...