9179 matches found
CVE-2023-1823
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-1823
CVE-2023-1823 concerns Google Chrome's FedCM: an improper FedCM implementation allows a remote attacker to bypass navigation restrictions via a crafted HTML page. Affected product/component: Chrome/Chromium FedCM integration. Root cause: Inappropriate implementation in FedCM. Impact: navigation r...
CVE-2022-25745 Always Incorrect Control Flow Implementation in MODEM
Memory corruption in modem due to improper input validation while handling the incoming CoAP message...
Google Chrome < 112.0.5615.49 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 112.0.5615.49. It is, therefore, affected by multiple vulnerabilities as referenced in the 202304stable-channel-update-for-desktop advisory. - Heap buffer overflow in Browser History in Google Chrome prior to...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 112 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 112.0.5615.49 Linux and Mac, 112.0.5615.49/50 Windows contains a number of fixes and improvements -- a list of changes is...
Google Chrome < 112.0.5615.49 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 112.0.5615.49. It is, therefore, affected by multiple vulnerabilities as referenced in the 202304stable-channel-update-for-desktop advisory. - Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.4...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome FedCM, which stems from an improper implementation in FedCM. An attacker can exploit this vulnerability to bypass security restrictions...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome WebShare that originates from improper implementation in WebShare. An attacker can exploit this vulnerability to bypass security restrictions...
"It's The Service Accounts, Stupid": Why Do PAM Deployments Take (almost) Forever To Complete?
Privileged Access Management PAM solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory, the PAM concept makes absolute sense: place admin credentials in a vault, rotate their passwords, and closely monitor their sessions. However, the hars...
USN-5991-1 linux-gcp-4.15 vulnerabilities
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service memory exhaustion. CVE-2021-3669 It was discovered that a use-after-free vulnerability existed in the SGI GRU...
CVE-2023-28644
Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch before 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcloud Server is...
CVE-2023-26545
A double-free flaw was found in the Linux kernel when the MPLS implementation handled sysctl allocation failures. This issue could allow a local user to cause a denial of service or possibly execute arbitrary code...
WstEth.withdraw() improper implementation of slippage check
Lines of code Vulnerability details Impact In the current implementation of withdraw, the amount is not controlled by minOut. Impact: Users can get rekt. Proof of Concept function withdrawuint256 amount external onlyOwner IWStETHWSTETH.unwrapamount; uint256 stEthBal =...
CVE-2023-27534
A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...
SUSE SLES15 / openSUSE 15 Security Update : containerd (SUSE-SU-2023:1628-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1628-1 advisory. - containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust...
Design/Logic Flaw
The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate...
Mageia: Security Advisory (MGASA-2023-0016)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
io.apiman:apiman-distro-db (>=1.1.2.Final <=1.2.6.Beta3), io.apiman:apiman-distro-db-es (>=1.1.2.Final <=1.2.6.Beta3) +23 more potentially affected by CVE-2023-28640 via io.apiman:apiman-manager-api-rest-impl (>=1.1.2.Final <=3.0.0.RC6)
io.apiman:apiman-manager-api-rest-impl MAVEN version =1.1.2.Final, =1.1.2.Final, =1.1.2.Final, =1.1.6.Final, =1.2.2.Final, =1.2.2.Final, =1.2.2.Final, =1.1.2.Final, =1.2.1.Final, =1.1.5.Final, =1.1.2.Final, =1.2.2.Final, =1.1.2.Final, =1.1.2.Final, =1.1.2.Final, =1.1.2.Final, =1.2.0.Final and mor...
CVE-2023-28102 Command injection in discordrb
discordrb is an implementation of the Discord API using Ruby. In discordrb before commit 91e13043ffa the encoder.rb file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly...
CVE-2023-28638 Stack references to locations outside buffers may become invalid if they exist during a GC compaction in Snappier
Snappier is a high performance C implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change...