674 matches found
Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...
chromium-browser: Use after free in WebRTC
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Use after free in WebRTC
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Use after free in WebRTC
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Security Bulletin: Multiple vulnerabilities affects IBM Jazz Foundation and IBM Engineering products.
Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Lifecycle Optimization - Engineeri...
chromium-browser: Inappropriate implementation in WebRTC
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream...
Security Bulletin: Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology
Summary There are multiple vulnerabilities in IBM WebSphere Application Server bundled with IBM Jazz Team Server based Applications that affect the following products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rationa...
chromium-browser: Inappropriate implementation in WebRTC
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream...
chromium-browser: Inappropriate implementation in WebRTC
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream...
DEBIAN-CVE-2020-6529
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page...
CVE-2019-4747
IBM Team Concert RTC is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172887...
CVE-2019-4747
The CVE-2019-4747 entry concerns IBM Team Concert (RTC). The vulnerability is a cross-site scripting flaw in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Key details from the connected IBM bulletin a...
CVE-2019-4747
IBM Team Concert RTC is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172887...
Security Bulletin: Cross-site Scripting and Vulnerable library - JQuery v1.11.1 affects IBM Engineering Workflow Management
Summary There are two vulnerabilities that affect IBM Engineering Workflow Management, there is a cross-site scripting stored in EWM code and actually library JQuery is vulnerable too. Vulnerability Details CVEID: CVE-2019-4747 DESCRIPTION: IBM Team Concert RTC is vulnerable to cross-site...
DEBIAN-CVE-2020-13900
An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janussdppreparse in sdp.c has a NULL pointer dereference...
DEBIAN-CVE-2020-6467
Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
usrsctp: Buffer overflow in AUTH chunk input validation
A flaw was found in Mozilla Firefox and Thunderbird. When parsing and validating SCTP chunks in WebRTC a memory buffer overflow could occur leading to memory corruption and an exploitable crash. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
usrsctp: Buffer overflow in AUTH chunk input validation
A flaw was found in Mozilla Firefox and Thunderbird. When parsing and validating SCTP chunks in WebRTC a memory buffer overflow could occur leading to memory corruption and an exploitable crash. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
usrsctp: Buffer overflow in AUTH chunk input validation
A flaw was found in Mozilla Firefox and Thunderbird. When parsing and validating SCTP chunks in WebRTC a memory buffer overflow could occur leading to memory corruption and an exploitable crash. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
chromium-browser: Uninitialized use in WebRTC
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...