Yunnan ChainDrop Technology Co., Ltd.'s Siyuan Notes Software Web Application Has XSS Vulnerability

SiYuan Notes Software Web App is a privacy-first personal knowledge management system that supports full offline use as well as end-to-end encrypted synchronization. Yunnan ChainDrop Technology Co., Ltd. has an XSS vulnerability in the Siyuan Notes Software Web application, which can be exploited...

SiYuan Notes Software Web App is a privacy-first personal knowledge management system that supports full offline use as well as end-to-end encrypted synchronization. Yunnan ChainDrop Technology Co., Ltd. has an XSS vulnerability in the Siyuan Notes Software Web application, which can be exploited by attackers to obtain sensitive information such as user cookies.

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A code execution vulnerability exists in Apache Airflow HDFS Provider, which stems...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1350-1 Rating: important References: 1190765 1191166 1191204 1191463 Cross-References: CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1339-1 Rating: important References: 1190765 1191166 1191204 Cross-References: CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963...

DEBIAN-CVE-2021-37956

Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-37956

Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

CVE-2021-37956

CVE-2021-37956 describes a use-after-free in Offline use in Google Chrome on Android prior to 94.0.4606.54, where a renderer compromise could potentially enable heap corruption via a crafted HTML page. The connected Debian advisory confirms this CVE is among multiple Chromium issues and provides ...

CVE-2021-37956

Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

Denial Of Service (DoS)

chromium is vulnerable to denial of service. The vulnerability exists due to the use-after-free in offline use, leading to an application crash...

FreeBSD : chromium -- multiple vulnerabilities (3551e106-1b17-11ec-a8a7-704d7b472482)

Chrome Releases reports : This update contains 19 security fixes, including : - 1243117 High CVE-2021-37956: Use after free in Offline use. Reported by Huyna at Viettel Cyber Security on 2021-08-24 - 1242269 High CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang on 2021-08-23 -...

Chromium: CVE-2021-37956 Use after free in Offline use

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA12299 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in Tab...

Google Chrome < 94.0.4606.54 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 202109stable-channel-update-for-desktop21 advisory. - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54...