EUVD-2023-46456

Malicious code in bioql PyPI...

PT-2024-4026

Name of the Vulnerable Software and Affected Versions: HP Color LaserJet MFP M478-M479 series affected versions not specified Description: The issue is related to a weakness in the authentication procedure of the HP Color LaserJet MFP M478-M479 series, which can potentially expose protected SMTP...

DEBIAN-CVE-2022-3312

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...

Input validation

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...

CVE-2022-3312

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...

UBUNTU-CVE-2022-3312

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. Chromium security severity: Medium...

CVE-2022-3312

CVE-2022-3312 affects Google Chrome on ChromeOS, where VPN input handling had insufficient validation of untrusted input before version 106.0.5249.62. The underlying issue is in VPN-related code, enabling a local attacker with physical access to bypass managed device restrictions. The evidence co...

CVE-2022-0071

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

Design/Logic Flaw

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

CVE-2022-0071

CVE-2022-0071 documents confirm an incomplete fix for CVE-2021-3101 in Hotdog prior to v1.0.2. The vulnerability arises because Hotdog did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. As a result, a container could exhaust host resources, modif...

CVE-2022-0071 Hotdog Container Escape

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

Code injection

"Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivity application component allows arbitrary applications on a device to add tasks with no restrictions...