35 matches found
EUVD-2023-34888
Malicious code in bioql PyPI...
CVE-2023-30877
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov XML for Google Merchant Center plugin = 3.0.1 versions...
CVE-2023-30877
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov XML for Google Merchant Center plugin = 3.0.1 versions...
CVE-2023-30877
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov XML for Google Merchant Center plugin = 3.0.1 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov XML for Google Merchant Center plugin = 3.0.1 versions...
CVE-2023-30877 WordPress XML for Google Merchant Center Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov XML for Google Merchant Center plugin = 3.0.1 versions...
CVE-2023-30877
CVE-2023-30877 affects the WordPress plugin XML for Google Merchant Center (older
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maxim Glazunov YML for Yandex Market plugin = 3.10.7 versions...
CVE-2023-30473
CVE-2023-30473 affects WordPress plugin YML for Yandex Market (author Maxim Glazunov) up to version 3.10.7, with unauthenticated reflected XSS. Patch guidance is to upgrade to 3.10.8 or later. Public sources in connected docs confirm XSS as the vulnerability class and indicate the fix/version. No...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 99 to the stable channel for Windows, Mac and Linux.This will roll out over the coming days/weeks. Chrome 99.0.4844.51 for Windows,Mac and Linux contains a number of fixes and improvements -- a list of changes is available in the lo...
WebKit WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy Heap Use-After-Free
WebKit: heap-use-after-free in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy VULNERABILITY DETAILS PolicyChecker.cpp: define ISALLOWED mframe.page ? mframe.page-sessionID.isAlwaysOnLoggingAllowed : false define PAGEID mframe.loader.pageID.valueOrPageIdentifier.toUInt64 define FRAMEID...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 9 security fixes, including: 1234764 High CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30 1234770 High CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30 1231134 High CVE-2021-30600: Use after fr...
Debian DSA-4911-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2021-21227 Gengming Liu discovered a data validation issue in the v8 JavaScript library. - CVE-2021-21228 Rob Wu discovered a policy enforcement error. - CVE-2021-21229 Mohit Raj discovered a user interface error in t...
Debian DSA-4858-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2021-21148 Mattias Buelens discovered a buffer overflow issue in the v8 JavaScript library. - CVE-2021-21149 Ryoya Tsukasaki discovered a stack overflow issue in the Data Transfer implementation. - CVE-2021-21150 Wooj...
Debian DSA-4645-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2019-20503 Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library. - CVE-2020-6422 David Manouchehri discovered a use-after-free issue in the WebGL implementation. - CVE-2020-6424 Sergei...
WebKit - Universal XSS Using Cached Pages
WebKit - Universal XSS Using Cached Pages VULNERABILITY DETAILS void FrameLoader::detachChildren ... SubframeLoadingDisabler subframeLoadingDisablermframe.document; // 1 Vector, 16 childrenToDetach; childrenToDetach.reserveInitialCapacitymframe.tree.childCount; for Frame child =...
WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment
WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment ReplacementFragment::insertFragmentForTestRenderingNode rootEditableElement auto holder = createDefaultParagraphElementdocument; holder-appendChildmfragment; rootEditableElement-appendChildholder; // 2...
WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment
ReplacementFragment::insertFragmentForTestRenderingNode rootEditableElement auto holder = createDefaultParagraphElementdocument; holder-appendChildmfragment; rootEditableElement-appendChildholder; // 2 document.updateLayoutIgnorePendingStylesheets; return holder;...
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free Exploit
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability iterating&iteratinglisteners, true; for auto& listenerref : availabilitylisteners auto listener = listenerref.get; if !listener-urls.Containsurl continue; auto...
Google Chrome 74.0.3729.0 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
Google Chrome 74.0.3729.0 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability iterating&iteratinglisteners, true; for auto& listenerref : availabilitylisteners auto listener = listenerref.get; if !listener-urls.Containsurl continue; auto screenavailabilit...