3841 matches found
CVE-2023-1811
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Design/Logic Flaw
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
UBUNTU-CVE-2023-1811
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-1811
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-1811
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-1811
CVE-2023-1811 is a Chrome/Chromium use-after-free in the Frames component causing potential heap corruption when a user engages in specific UI interactions with a crafted HTML page. The issue affects Google Chrome before version 112.0.5615.49 (reported as a high-severity, network-exploitable vuln...
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
GHSA-6WRF-MXFJ-PF5P Docker Swarm encrypted overlay network with a single endpoint is unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome Frames, which stems from the presence of a post-release reuse issue...
Moby 安全漏洞
Moby is an open source project that aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby version 1.12 and later. An attacker exploited the vulnerability to inject arbitrary Ethernet frames into a cryptographic...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices
A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices
A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP...
Improper Restriction of Rendered UI Layers or Frames
Description The osTicket uses an incorrect method to validate the src attribute of the iframe tag. Although it appears that osTicket restricts domains through a whitelist, attackers can easily bypass this restriction. Proof of Concept This iframe is going to render www.youtube.com.attacker's serv...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, USA. An input validation error vulnerability exists in Google TensorFlow version 2.12 prior to 2.12.0 and version 2.11 prior to 2.11.1, which stems from an integer overflow that occurs when "2^31 =...
CVE-2023-25667
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-20112
A vulnerability in Cisco access point AP software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this...
CVE-2023-20112
A vulnerability in Cisco access point AP software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this...
Input validation
A vulnerability in Cisco access point AP software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this...
CVE-2023-20112
The CVE-2023-20112 entry describes a DoS in Cisco access point software caused by insufficient validation of parameters in 802.11 frames. An unauthenticated, adjacent attacker can trigger an unexpected reload by sending a crafted 802.11 association request frame, leading to device DoS. Affected: ...
CVE-2023-20112 Cisco Access Point Software Association Request Denial of Service Vulnerability
A vulnerability in Cisco access point AP software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this...