Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI through a malicious file. Chromium security severity: Medium...

SUSE CVE-2024-0814

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

PT-2024-1389 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.85 Description: The issue is related to incorrect security UI in Payments, allowing a remote attacker to potentially spoof security UI via a crafted HTML page. This could enable the attacker to bypas...

PT-2024-1383 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.85 Microsoft Edge affected versions not specified Description: The issue is related to insufficient policy enforcement in the Security UI of Google Chrome and Microsoft Edge browsers, which can be...

CVE-2023-6711

Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Specially crafted messages sent to the mentioned components are not validated properly and can result in buffer overflow and as final consequence to a reboot of an...

SUSE CVE-2023-5851

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-5859

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. Chromium security severity: Low...

PT-2023-9416 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.105 Description: The issue is related to an inappropriate implementation in the Compositing component of Google Chrome, which can be exploited by a remote attacker to potentially spoof the security U...

GHSA-99PC-69Q9-JXF2 Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs

Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords...

DEBIAN-CVE-2023-5486

Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...

DEBIAN-CVE-2023-4905

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-4907

Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Low...

PT-2023-5490 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 117.0.5938.62 Description: The issue is related to an inappropriate implementation in the Picture in Picture feature of Google Chrome, allowing a remote attacker to spoof security UI via a crafted HTML page. Th...

SUSE CVE-2023-4364

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in versions prior to Google Chrome 116.0.5845.96, which stems from an improper implementation in Color that allows remote attackers to obfuscate the security UI via a crafted HTML page...

Google Chrome 安全漏洞

Google Chrome is a web browser by Google, Inc. A security vulnerability exists in Google Chrome prior to version 116.0.5845.96, which stems from an improper implementation of Fullscreen and allows remote attackers to obfuscate the security UI via a crafted HTML page...

PT-2023-4479 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to an inappropriate implementation in Color, allowing a remote attacker to obfuscate security UI via a crafted HTML page. This could enable the attacker to bypass...

SUSE CVE-2023-3735

Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-3738

Inappropriate implementation in Autofill in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

The vulnerability of the FortiSIEM security management interface, related to the storage of passwords in unencrypted form, allows attackers to gain unauthorized access to databases.

The vulnerability of the FortiSIEM security management interface is related to the storage of passwords in an unencrypted form. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the databases...