Fedora 38 : chromium (2023-f07892dd59)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f07892dd59 advisory. Update to 112.0.5615.49. Fixes the following security issues: CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533...
matrix-js-sdk vulnerable to invisible eavesdropping in group calls
Impact An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possibl...
SUSE CVE-2023-26555
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver...
Cesanta MJS Security Vulnerability
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. It is designed for microcontrollers with limited resources. The main design goals are a small footprint and simple C/C++ interoperability. A security vulnerability exists in Cesanta MJS version v2.20.0, which stems from...
Resizing tokenIds is wrong in CollectionBatchBuyOperator.execute()
Lines of code Vulnerability details Impact The implementation of resizing an array is wrong in assembly, so the length of the array tokenIds will be wrong. Proof of Concept In CollectionBatchBuyOperator.execute, tokenIds should be resized to tokensBought, and the implementation is as follows:...
An attacker can contribute to the ETH crowdfund using a flash loan and control the party as he likes.
Lines of code Vulnerability details Impact An attacker can have more than half of the total voting power using a flash loan and abuse other contributors. Proof of Concept The main flaw is that the party can distribute funds right after the crowdfund is finalized within the same block. So the...
Debian DSA-5386-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5386 advisory. - Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploi...
Ubuntu: Security Advisory (USN-6014-1)
The remote host is missing an update for the...
USN-6013-1: Linux kernel (AWS) vulnerabilities
Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service (connection termination) or inject forged data. (CVE-2020-36516) Ke Sun, Alyssa Milburn,...
Fedora 36 : chromium (2023-78e350cb88)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-78e350cb88 advisory. Update to 112.0.5615.49. Fixes the following security issues: CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533...
USN-6009-1 linux-gcp vulnerabilities
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3669) It was discovered that a use-after-free vulnerability existed in the SGI GRU...
Security fix for the ALT Linux 10 package yandex-browser-stable version 23.3.1.916-alt1
April 11, 2023 Yandex Browser Team 23.3.1.916-alt1 - Browser updated to 23.3.1 + Critical CVE-2023-0941: Use after free in Prompts. + High CVE-2023-0927: Use after free in Web Payments API. + High CVE-2023-0928: Use after free in SwiftShader. + High CVE-2023-0929: Use after free in Vulkan. + High...
Google Chrome WebShare Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome WebShare that originates from improper implementation in WebShare. An attacker can exploit this vulnerability to bypass security restrictions...
Google Chrome FedCM Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome FedCM, which stems from an improper implementation in FedCM. An attacker can exploit this vulnerability to bypass security restrictions...
Chromium: CVE-2023-1813 Inappropriate implementation in Extensions
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Amazon Linux 2 : containerd (ALASDOCKER-2023-023)
The version of containerd installed on the remote host is prior to 1.6.19-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-023 advisory. containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user c...
KLA48814 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in Navigation can be...
OSV-2023-281 Heap-buffer-overflow in unsigned long simdutf::haswell::convert_masked_utf8_to_utf16<
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57673 Crash type: Heap-buffer-overflow WRITE 16 Crash state: unsigned long simdutf::haswell::convert_masked_utf8_to_utf16 simdutf::haswell::implementation::convert_utf8_to_utf16le roundtrip.cc...
CVE-2023-1813
Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...
Design/Logic Flaw
Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...