1332 matches found
Design/Logic Flaw
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5103
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
Design/Logic Flaw
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
Design/Logic Flaw
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5119
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5117
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5102
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5117
CVE-2017-5117 relates to an uninitialized value in the Skia library used by Chromium/Chrome. The initial entry notes a remote attacker could obtain potentially sensitive information from process memory via a crafted HTML page in Chrome prior to 61.0.3163.79 (Linux/Windows). Connected Debian advis...
CVE-2017-5117
Removed by vendor...
CVE-2017-5119
CVE-2017-5119 concerns the Skia component of Chromium. The initial description notes an uninitialized value in Skia on Chromium before 61.0.3163.79 (and Android 61.0.3163.81), enabling a remote attacker to read potentially sensitive process-memory data via a crafted HTML page (information disclos...
CVE-2017-5117
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5119
Removed by vendor...
CVE-2017-5103
Removed by vendor...
CVE-2017-5103
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
CVE-2017-5102
Removed by vendor...
Amazon Linux AMI : httpd24 / httpd (ALAS-2017-896) (Optionsbleed)
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret...
CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...
CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...
CVE-2017-9798
CVE-2017-9798 affects the Apache HTTP Server (httpd) up to 2.4.27 and 2.2.34. A use-after-free flaw in how httpd handles invalid/previously unregistered HTTP methods specified by the Limit directive (used in .htaccess or certain httpd.conf configurations) can allow a remote, unauthenticated attac...
CVE-2017-9798
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...