1335 matches found
CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...
CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...
CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...
CVE-2023-25731
CVE-2023-25731 affects Mozilla Firefox prior to 110, where URL previews in the network panel’s developer tools could allow query parameters to overwrite global objects in privileged code. The issue is confirmed by multiple sources stating Firefox
Linux Kernel vmwgfx Driver Double Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
Linux Kernel vmwgfx Driver Race Condition Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...
Linux Kernel ksmbd RCU Callback Race Condition Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Schneider Electric APC Easy UPS Online SNMPDBManager Use of Hard-Coded Credentials Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric APC Easy UPS Online. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...
Microsoft Windows win32kfull Null Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
Aruba Networks InstantOS 安全漏洞
Aruba Networks InstantOS is an Arch Linux-based distribution from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks InstantOS and ArubaOS 10, which stems from a buffer overflow vulnerability in the underlying service that can be exploited by an attacker to execute arbitrary...
Aruba Networks InstantOS 安全漏洞
Aruba Networks InstantOS is an Arch Linux-based distribution from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks InstantOS and ArubaOS 10, which stems from a buffer overflow vulnerability in the underlying service that can be exploited by an attacker to execute arbitrary...
Aruba Networks InstantOS 安全漏洞
Aruba Networks InstantOS is an Arch Linux-based distribution from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks InstantOS and ArubaOS 10, which stems from a buffer overflow vulnerability in the underlying service that can be exploited by an attacker to execute arbitrary...
Use Of Uninitialized Variable
linux-gke is vulnerable to Use of Uninitialized Variable. The vulnerability allows users with the ability to execute high-privileged code to exploit the flaws within 'nftosfeval function' causing a lack of proper initialization of memory prior to accessing it resulting in the attacker gaining...
(Pwn2Own) VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
(Pwn2Own) Oracle VirtualBox GPA Request Handling Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
(Pwn2Own) Oracle VirtualBox OHCI USB Controller Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
(Pwn2Own) Oracle VirtualBox VGA MMIO Handling Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
Microsoft Windows win32kfull Null Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
Microsoft Windows win32kfull Null Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...