Lucene search
K

9185 matches found

OSV
OSV
added 2023/02/08 8:15 p.m.23 views

CVE-2023-0216

An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2iPKCS7, d2iPKCS7bio or d2iPKCS7fp functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in...

7.5CVSS7.6AI score
Exploits0References4
OSV
OSV
added 2023/02/08 8:15 p.m.20 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.4AI score
Exploits0References4
NVD
NVD
added 2023/02/08 8:15 p.m.18 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.2AI score0.01846EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/02/08 7:2 p.m.45 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS6.8AI score0.01846EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/02/08 7:2 p.m.52 views

CVE-2023-0217

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.6AI score0.01846EPSS
Exploits0
Cvelist
Cvelist
added 2023/02/08 7:0 p.m.28 views

CVE-2023-0401 NULL dereference during PKCS7 data verification

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.7AI score0.01846EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/02/08 7:0 p.m.50 views

CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS7.9AI score0.01846EPSS
Exploits0
NVD
NVD
added 2023/02/07 9:15 p.m.26 views

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00679EPSS
Exploits0References3
NVD
NVD
added 2023/02/07 9:15 p.m.25 views

CVE-2023-0697

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.7AI score0.00514EPSS
Exploits0References3
OSV
OSV
added 2023/02/07 9:15 p.m.21 views

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5AI score
Exploits0References3
Prion
Prion
added 2023/02/07 9:15 p.m.18 views

Information disclosure

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.2AI score0.00679EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/02/07 9:15 p.m.25 views

Design/Logic Flaw

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: High...

4.3CVSS6.1AI score0.00514EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/07 12:0 p.m.20 views

RUSTSEC-2023-0012 `NULL` dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.4AI score0.01846EPSS
Exploits0References3
RustSec
RustSec
added 2023/02/07 12:0 p.m.35 views

`NULL` dereference validating DSA public key

An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVPPKEYpubliccheck function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allo...

7.5CVSS7.1AI score0.01846EPSS
Exploits0Affected Software1
Kaspersky
Kaspersky
added 2023/02/07 12:0 a.m.54 views

KLA20220 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Full screen mode can be exploited to cause denial of service...

8.8CVSS9.4AI score0.00883EPSS
Exploits0References3
CVE
CVE
added 2023/02/07 12:0 a.m.132 views

CVE-2023-0697

CVE-2023-0697: In Google Chrome for Android, prior to 110.0.5481.77, an inappropriate Fullscreen implementation allows a remote attacker to spoof the security UI via a crafted HTML page. The issue is fixed in Chrome 110.0.5481.77+. Affected product: Google Chrome on Android; root cause: Fullscree...

6.5CVSS6.1AI score0.00514EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2023/02/07 12:0 a.m.30 views

CVE-2023-0401

A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...

7.5CVSS7AI score0.01846EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/02/07 12:0 a.m.34 views

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS7.1AI score0.00679EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/02/07 12:0 a.m.34 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 15 security fixes, including: 1402270 High CVE-2023-0696: Type Confusion in V8. Reported by Haein Lee at KAIST Hacking Lab on 2022-12-18 1341541 High CVE-2023-0697: Inappropriate implementation in Full screen mode. Reported by Ahmed ElMasry on...

8.8CVSS8.5AI score0.00883EPSS
Exploits0References1
Code423n4
Code423n4
added 2023/02/03 12:0 a.m.14 views

Potential DOS in Contract Inheriting UUPSUpgradeable.sol

Lines of code Vulnerability details Impact There is a contract which inherit UUPSUpgradeable.sol, namely; Managed.sol . The contract is deployed using a proxy pattern whereby the implementation contract is used by the proxy contract for all its logic. The proxy contract will make delegate calls t...

7.3AI score
Exploits0
Rows per page
Query Builder