268 matches found
USN-5949-1: Chromium vulnerabilities
It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-0930, CVE-2023-1219, CVE-2023-1220,...
Chromium: CVE-2023-1236 Inappropriate implementation in Internals
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
KLA48544 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Policy enforcement...
Google Chrome Security Updates (stable-channel-update-for-desktop-2023-03) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 40 security fixes: 1411210 High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong@n3sk of Theori on 2023-01-30 1412487 High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 1417176...
Information disclosure
Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. Chromium security severity: Low...
CVE-2023-1236
Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. Chromium security severity: Low...
CVE-2023-1236
CVE-2023-1236 affects Google Chrome (Chromium-based) prior to 111.0.5563.64 via an inappropriate implementation in Internals that allowed remote spoofing of an iframe origin through a crafted HTML page. The issue is logged as a Low severity in Chromium terms (CVSS 3.1 base 4.3, MEDIUM overall). R...
CVE-2023-1236
Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. Chromium security severity: Low...
USN-5767-3: Python vulnerability
USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Ubuntu 18.04 LTS. Original advisory details: Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
USN-5767-3 python3.6 vulnerability
USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Ubuntu 18.04 LTS. Original advisory details: Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
SUSE CVE-2013-4590
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, .jspx, .tagx, or .tld XML document containing an external entity declaration ...
SUSE CVE-2021-21173
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
SUSE CVE-2021-21179
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2021-30613
Chromium: CVE-2021-30613 Use after free in Base internals...
USN-5767-1: Python vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Canonical Ubuntu 22.04 Description Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-37454 ...
The vulnerability of Google Chrome’s Internals component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Google Chrome’s Internals component is related to writing beyond the buffer. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
Prototype Pollution
@hapi/hoek is vulnerable to prototype pollution. The function internals.clone allows an attacker to get control of value of “path” and modify attributes such as proto, constructor and prototype...
Google Chrome Internals Heap Buffer Overflow Vulnerability
Google Chrome is a web browser from Google, an American company. A heap buffer overflow vulnerability exists in the Internals component of Google Chrome versions prior to 105.0.5195.125. An attacker can exploit this vulnerability to leverage heap corruption via specially crafted HTML pages...
DEBIAN-CVE-2022-3200
Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...