96 matches found
Malicious code in figma-api-spellcheck (npm)
The package figma-api-spellcheck was found to contain malicious code...
GHSA-9CQ2-PCGR-8H62 Cross-site Scripting in eZFind spellcheck
This security advisory fixes a vulnerability in the legacy eZ Find extension, which can be used with the LegacyBridge in eZ Platform. It affects sites using the "Did you mean...?" spell check / search suggestion feature. This feature is vulnerable to Cross-site Scripting XSS injection reflected...
GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...
openSUSE 15 Security Update : opera (openSUSE-SU-2023:0396-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0396-1 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to...
Fedora 37 : chromium (2023-ceaa6b19c1)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ceaa6b19c1 advisory. update to 119.0.6045.199, upstream security release High CVE-2023-6345: Integer overflow in Skia High CVE-2023-6346: Use after free in WebAudio High...
Type Confusion
Google Chrome is vulnerable to Type Confusion. The vulnerability exists in the Spellcheck component of the library. An attacker who has compromised the renderer process may potentially perform heap corruption via a crafted HTML page...
SUSE CVE-2023-6348
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Update your browser: Security fixes for latest Chrome bugs
News, Security Update your browser: Security fixes for latest Chrome bugs Share December 1st, 2023 Hi everyone! The latest patches to the Opera, Opera GX, and Opera Crypto browsers address several recent vulnerabilities, including a zero-day exploit CVE-2023-6345. We recommend updating your...
openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0387-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0387-1 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to...
Chromium: CVE-2023-6348 Type Confusion in Spellcheck
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
DEBIAN-CVE-2023-6348
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-6348
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-6348
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Type confusion
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-6348
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2023-6348
CVE-2023-6348 describes a Type Confusion in Chrome/Chromium’s Spellcheck that could allow heap corruption when a renderer is compromised via a crafted HTML page. Connected sources confirm affected components as Chromium-based browsers (Chrome/Chromium) and outline remediation by upgrading to Chro...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome version 119.0.6045.199 and prior versions, which stems from a type confusion issue in the Spellcheck module...
Microsoft Edge (Chromium) < 118.0.2088.122 / 119.0.2151.97 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 118.0.2088.122 / 119.0.2151.97. It is, therefore, affected by multiple vulnerabilities as referenced in the November 29, 2023 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remo...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 7 security fixes: 1491459 High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10 1494461 High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Resear...
Google Chrome < 119.0.6045.199 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 119.0.6045.199. It is, therefore, affected by multiple vulnerabilities as referenced in the 202311stable-channel-update-for-desktop28 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed...