DEBIAN-CVE-2023-4572

Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems, PHOENIX CONTACT WP 6xxx, arises due to errors in processing hypertext links. This vulnerability allows a intruder to gain unauthorized access to protected information.

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems, PHOENIX CONTACT WP 6xxx, is related to errors in processing hypertext links. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems, PHOENIX CONTACT WP 6xxx, arises due to errors in processing hypertext links. This vulnerability allows an intruder to gain unauthorized access to protected information.

The vulnerability of microprogrammed software in web panels for controlling and monitoring processes in industrial systems, PHOENIX CONTACT WP 6xxx, is related to errors in processing hypertext links. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

CVE-2023-41121

Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to access to resources through incompatible types. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created HTML page...

The vulnerability of Google Chrome’s Skia graphic library allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s Skia graphics library is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code through a specially created HTML page...

The vulnerability of the Fullscreen application interface of Google Chrome’s browser allows a hacker to bypass existing security restrictions.

The vulnerability of the Fullscreen application interface of Google Chrome’s browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions on the browser page through a specially...

The vulnerability of the Google Chrome XML browser component allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Google Chrome XML browser component is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through a specially created HTML page...

The vulnerability of Google Chrome’s Autofill function for Android allows attackers to circumvent existing security restrictions.

The vulnerability of Google Chrome’s Autofill function for Android relates to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...

PT-2023-4504 · Google +2 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.110 Description: The issue is related to an out of bounds memory access in V8, allowing a remote attacker to perform an out of bounds memory read via a crafted HTML page. This can potentially impact...

Important: containerd

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct...

Juniper Networks Junos OS EX 安全漏洞

Juniper Networks Junos OS EX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS EX, which is caused by a PHP external variab...

SUSE CVE-2023-4364

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-4367

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-4363

Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-4360

Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 116.0.5845.96, which stems from a mix-up of instructions responsible for freeing memory in Extensions. A remote attacker can exploit this vulnerability...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 116.0.5845.96, which stems from a boundary error in Skia when handling untrusted input, and can be exploited by a remote attacker to corrupt the renderer...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google Inc. in the United States. A security vulnerability exists in Google Chrome prior to version 116.0.5845.96, which stems from an inadequate enforcement of Extensions API policies, allowing remote attackers to bypass corporate policies via a crafted HTML...

CVE-2023-38687 Execution of arbitrary JavaScript from Svelecte item names

Svelecte is a flexible autocomplete/select component written in Svelte. Svelecte item names are rendered as raw HTML with no escaping. This allows the injection of arbitrary HTML into the Svelecte dropdown. This can be exploited to execute arbitrary JavaScript whenever a Svelecte dropdown is...