PT-2023-9801 · Asyncssh +3 · Asyncssh +3

Name of the Vulnerable Software and Affected Versions: AsyncSSH versions 2.14.0 and earlier Description: The issue in AsyncSSH allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, also known as a "Rogue Session Attack." This can lea...

CVE-2023-5920

Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input...

CVE-2023-5920

Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input...

CVE-2023-5920 Lack Of Secure Keyboard Entry Protection in MacOS Desktop

Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input...

CVE-2023-5920

Mattermost Desktop for MacOS is reported to fail to utilize macOS’s secure keyboard input, allowing other processes to read keyboard input. Affected component: Mattermost Desktop for MacOS; underlying issue is failure to activate secure keyboard entry. Documented impact is local access by other p...

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from the US-based company Mattermost. A security vulnerability exists in Mattermost Desktop macOS that stems from the inability of users to utilize the secure keyboard input feature provided by macOS...

PT-2023-32419 · Mattermost · Mattermost Desktop App

Name of the Vulnerable Software and Affected Versions: Mattermost Desktop for MacOS affected versions not specified Description: The issue is related to Mattermost Desktop for MacOS failing to utilize the secure keyboard input functionality provided by macOS. This failure allows other processes t...

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

A proof-of-concept PoC has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim's master password in cleartext under specific circumstances. The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux,...

SUSE CVE-2017-8379

Memory leak in the keyboard input event handlers support in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption by rapidly generating large keyboard events...

SUSE CVE-2022-2612

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10092-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...

DEBIAN-CVE-2022-2612

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2022-2612

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2022-2612

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2022-2612

Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2022-2612

CVE-2022-2612 affects Google Chrome/Chromium prior to version 104.0.5112.79. The issue is a side-channel information leakage in keyboard input that lets a remote attacker who has already compromised the renderer process exfiltrate potentially sensitive data from process memory via a crafted HTML ...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10086-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...

Information Disclosure

chrome is vulnerable to information disclosure. The vulnerability exists due to a side-channel information leakage in Keyboard input in Google Chrome allowing a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted...

Microsoft Edge (Chromium) < 104.0.1293.47 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 104.0.1293.47. It is, therefore, affected by multiple vulnerabilities as referenced in the August 5, 2022 advisory. - Use after free in Omnibox. CVE-2022-2603 - Use after free in Safe Browsing. CVE-2022-2604 - Out of...