CVE-2021-4056

CVE-2021-4056 is a type-confusion vulnerability in the loader component of the Chromium browser engine, present in Chrome/Chromium prior to version 96.0.4664.93. A remote attacker could potentially cause arbitrary code execution through a crafted HTML page, as described in multiple vendor advisor...

CVE-2021-38005

Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-38005

Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

The vulnerability of the loader components in Microsoft Edge and Google Chrome allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Loader components in Microsoft Edge and Google Chrome is related to type conversion errors. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code or cause a service failure through a specially created malicious web page...

Google Chrome Loader data validation error vulnerability

Google Chrome is a web browser from Google, Inc. A data validation error vulnerability exists in the loader component of Google Chrome prior to version 96.0.4664.93. It allows remote attackers to compromise cross-domain data via crafted HTML pages...

CVE-2021-44005

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code ...

CVE-2021-44004

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak...

CVE-2021-44008

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak...

CVE-2021-44007

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll contains an off-by-one error in the heap while parsing specially crafted TIFF files. This could allow an attacker to cause a denial-of-service condition...

CVE-2021-44010

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak...

CVE-2021-44009

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll is vulnerable to an out of bounds read past the end of an allocated buffer when parsing TIFF files. An attacker could leverage this vulnerability to leak...

CVE-2021-44003

A vulnerability has been identified in JT2Go All versions V13.2.0.5, Teamcenter Visualization All versions V13.2.0.5. The TiffLoader.dll is vulnerable to use of uninitialized memory while parsing user supplied TIFF files. This could allow an attacker to cause a denial-of-service condition...

Updated curaengine packages fix security vulnerability

Buffer overflow vulnerability in function stbiextendreceive in stbimage.h in stb 2.26 via a crafted JPEG file. CVE-2021-28021 An issue was discovered in stb stbimage.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An...

CVE-2021-4007

Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent versions 3.0.1 to 3.1.2.34 start, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is...

Chromium: CVE-2021-4056: Type Confusion in loader

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Samsung Ldfw 缓冲区错误漏洞

Samsung Ldfw is a loadable firmware from Samsung South Korea. A security vulnerability exists in Samsung LDFW and BL31 that stems from incorrect boundary checking of the LDFW and BL31 security logs, allowing an attacker to arbitrarily write to memory and execute code...

Security Bulletin: This Power System update is being released to address CVE 2018-1992

Summary POWER9: In response to a buffer overflow vulnerability on the boot loader, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2018-1992. Vulnerability Details CVEID: CVE-2018-1992 DESCRIPTION: The IBM POWER9 boot firmware'...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google Inc. in the United States. A security vulnerability exists in Google Chrome that stems from a type confusion in the loader program...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser from Google, Inc. A data validation error vulnerability exists in the loader component of Google Chrome prior to version 96.0.4664.93. It allows remote attackers to compromise cross-domain data via crafted HTML pages...

KLA12373 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, inject malicious code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...