644 matches found
CVE-2022-0310
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions...
CVE-2022-0310
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions...
CVE-2022-0310
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions...
CVE-2022-0304
Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0300
Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0295
Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page...
Google Chrome Resource Management Error Vulnerability (CNVD-2022-45571)
Google Chrome is a web browser from Google, Inc. A resource management error vulnerability exists in versions of Google Chrome prior to 98.0.4758.80, which could be exploited by remote attackers to convince users to engage in certain user interactions that could potentially exploit heap corruptio...
Cross-site Scripting (XSS) - Stored in liangliangyy/djangoblog
Description Hi there, I would like to report a stored Cross Site Scripting vulnerability in djangoblog source code. Cross-site scripting also known as XSS is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. It allow...
Google Chrome Resource Management Error Vulnerability (CNVD-2022-15140)
Google Chrome is a web browser from Google, Inc. Google Chrome is vulnerable to a resource management error that could be exploited by attackers to convince users to engage in specific user interactions to exploit heap corruption via carefully designed HTML pages...
Google Chrome Buffer Overflow Vulnerability (CNVD-2022-15134)
Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome, which can be exploited by attackers to potentially corrupt the heap through specific user interactions...
Google Chrome Resource Management Error Vulnerability (CNVD-2022-15136)
Google Chrome is a web browser from Google, Inc. A resource management error vulnerability exists in Google Chrome that could be exploited by attackers to convince users to engage in specific user interactions that could potentially exploit heap corruption via well-designed HTML pages...
Reenterancy in _sendSherRewardsToOwner()
Handle kirk-baird Vulnerability details Impact This is a reentrancy vulnerability that would allow the attacker to drain the entire SHER balance of the contract. Note: this attack requires gaining control of execution sher.transfer which will depend on the implementation of the SHER token. Contro...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. Google Chrome is vulnerable to a resource management error that could be exploited by attackers to convince users to engage in specific user interactions to exploit heap corruption via carefully designed HTML pages...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome, which can be exploited by attackers to potentially corrupt the heap through specific user interactions...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome, which can be exploited by attackers to convince users to engage in specific user interactions to exploit heap corruption via carefully crafted HTML pages...
pay() function has callback to msg.sender before important state updates
Handle jayjonah8 Vulnerability details Impact In TimeswapPair.sol, the pay function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross function...
borrow() function has state updates after a callback to msg.sender
Handle jayjonah8 Vulnerability details Impact In TimeswapPair.sol, the borrow function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross functi...
In the lend() function state updates are made after the callback
Handle jayjonah8 Vulnerability details Impact In TimeswapPair.sol, the lend function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross function...
Friday Squid Blogging: Bobtail Squid and Vibrio Bacteria
Research on the Vibrio bacteria and its co-evolution with its bobtail squid hosts. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
[SECURITY] Fedora 33 Update: js-jquery-ui-1.13.0-1.fc33
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...