CVE-2024-7972

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-7972

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...

[SECURITY] [DSA 5752-1] dovecot security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5752-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 21, 2024 https://www.debian.org/security/faq -...

OSV-2024-1043 Heap-buffer-overflow in simdutf::haswell::implementation::convert_utf8_to_latin1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71307 Crash type: Heap-buffer-overflow WRITE Crash state: simdutf::haswell::implementation::convertutf8tolatin1 Conversion Conversion...

Google Chrome 安全漏洞

Google Chrome is a web browser by Google Inc. of the U.S. V8 is one of the open source JavaScript engines. A security vulnerability exists in Google Chrome version 128.0.6613.84 and prior versions, which stems from the inclusion of a mal-implementation issue...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome version 128.0.6613.84 and prior versions, which stems from the inclusion of a mal-implementation issue...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome version 128.0.6613.84 and prior versions, which stems from the inclusion of a mal-implementation issue...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome version 128.0.6613.84 and prior versions, which stems from the inclusion of a mal-implementation issue...

Google Chrome 安全漏洞

Google Chrome is a web browser by Google Inc. of the U.S. V8 is one of the open source JavaScript engines. A security vulnerability exists in Google Chrome version 128.0.6613.84 and prior versions, which stems from the inclusion of a mal-implementation issue...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 38 security fixes: 358296941 High CVE-2024-7964: Use after free in Passwords. Reported by Anonymous on 2024-08-08 356196918 High CVE-2024-7965: Inappropriate implementation in V8. Reported by TheDog on 2024-07-30 355465305 High CVE-2024-7966: Out of...

Google Chrome < 128.0.6613.84 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 128.0.6613.84. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop21 advisory. - Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

Fedora 39 : bind / bind-dyndb-ldap (2024-ef8a7031e7)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-ef8a7031e7 advisory. Update to BIND 9.18.28 Security Fixes - A malicious DNS client that sent many queries over TCP but never read the responses could cause a server to...

Why Training is Critical to Implementing Cisco HyperShield

Cary, United States / North Carolina, 16th August 2024, CyberNewsWire...

Security Bypass

github.com/cilium/cilium is vulnerable to Security Bypass. The vulnerability is due to improper implementation of match precedence in Gateway API HTTPRoutes and GRPCRoutes, where request headers are matched before request methods. It allows an attacker to exploit the incorrect request handling...

Moderate: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Medium: openssl

Issue Overview: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that ar...

Russh has an OOM Denial of Service due to allocation of untrusted amount

Summary Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. Details An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length, russh allocates enough memory...

Fedora: Security Advisory (FEDORA-2024-4b0d95b102)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

protobuf-c: Multiple Vulnerabilities

Background protobuf-c is a protocol buffers implementation in C. Description Multiple denial of service vulnerabilities have been discovered in protobuf-c. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time. Resolution All...