Lucene search
K

96 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in figma-api-spellcheck (npm)

The package figma-api-spellcheck was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2024/05/15 9:7 p.m.18 views

GHSA-9CQ2-PCGR-8H62 Cross-site Scripting in eZFind spellcheck

This security advisory fixes a vulnerability in the legacy eZ Find extension, which can be used with the LegacyBridge in eZ Platform. It affects sites using the "Did you mean...?" spell check / search suggestion feature. This feature is vulnerable to Cross-site Scripting XSS injection reflected...

6.5AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/02/18 12:0 a.m.40 views

GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

9.6CVSS7.9AI score0.4351EPSS
Exploits4References30
Tenable Nessus
Tenable Nessus
added 2023/12/12 12:0 a.m.41 views

openSUSE 15 Security Update : opera (openSUSE-SU-2023:0396-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0396-1 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to...

9.6CVSS8.8AI score0.1963EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2023/12/05 12:0 a.m.27 views

Fedora 37 : chromium (2023-ceaa6b19c1)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ceaa6b19c1 advisory. update to 119.0.6045.199, upstream security release High CVE-2023-6345: Integer overflow in Skia High CVE-2023-6346: Use after free in WebAudio High...

9.6CVSS8.8AI score0.1963EPSS
Exploits0References7
Veracode
Veracode
added 2023/12/01 3:10 p.m.26 views

Type Confusion

Google Chrome is vulnerable to Type Confusion. The vulnerability exists in the Spellcheck component of the library. An attacker who has compromised the renderer process may potentially perform heap corruption via a crafted HTML page...

8.8CVSS6.8AI score0.01007EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2023/12/01 2:20 a.m.2 views

SUSE CVE-2023-6348

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9AI score0.01007EPSS
Exploits0References6
Opera Security Advisories
Opera Security Advisories
added 2023/12/01 12:0 a.m.10 views

Update your browser: Security fixes for latest Chrome bugs

News, Security Update your browser: Security fixes for latest Chrome bugs Share December 1st, 2023 Hi everyone! The latest patches to the Opera, Opera GX, and Opera Crypto browsers address several recent vulnerabilities, including a zero-day exploit CVE-2023-6345. We recommend updating your...

9.6CVSS7.3AI score0.1963EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2023/12/01 12:0 a.m.28 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0387-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0387-1 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to...

9.6CVSS8.8AI score0.1963EPSS
Exploits0References16
Microsoft CVE
Microsoft CVE
added 2023/11/29 6:18 p.m.35 views

Chromium: CVE-2023-6348 Type Confusion in Spellcheck

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.8AI score0.01007EPSS
Exploits0
OSV
OSV
added 2023/11/29 12:15 p.m.1 views

DEBIAN-CVE-2023-6348

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.01007EPSS
Exploits0References1
NVD
NVD
added 2023/11/29 12:15 p.m.26 views

CVE-2023-6348

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.01007EPSS
Exploits0References7
OSV
OSV
added 2023/11/29 12:15 p.m.20 views

CVE-2023-6348

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score
Exploits0References7
Prion
Prion
added 2023/11/29 12:15 p.m.28 views

Type confusion

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.8CVSS6.6AI score0.01007EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2023/11/29 12:2 p.m.52 views

CVE-2023-6348

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9AI score0.01007EPSS
Exploits0
CVE
CVE
added 2023/11/29 12:2 p.m.138 views

CVE-2023-6348

CVE-2023-6348 describes a Type Confusion in Chrome/Chromium’s Spellcheck that could allow heap corruption when a renderer is compromised via a crafted HTML page. Connected sources confirm affected components as Chromium-based browsers (Chrome/Chromium) and outline remediation by upgrading to Chro...

8.8CVSS8.6AI score0.01007EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2023/11/29 12:0 a.m.4 views

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome version 119.0.6045.199 and prior versions, which stems from a type confusion issue in the Spellcheck module...

8.8CVSS6.6AI score0.01007EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.43 views

Microsoft Edge (Chromium) < 118.0.2088.122 / 119.0.2151.97 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 118.0.2088.122 / 119.0.2151.97. It is, therefore, affected by multiple vulnerabilities as referenced in the November 29, 2023 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remo...

9.6CVSS8.6AI score0.1963EPSS
Exploits0References13
FreeBSD
FreeBSD
added 2023/11/28 12:0 a.m.49 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 7 security fixes: 1491459 High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10 1494461 High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Resear...

9.6CVSS7.9AI score0.1963EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/28 12:0 a.m.45 views

Google Chrome < 119.0.6045.199 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 119.0.6045.199. It is, therefore, affected by multiple vulnerabilities as referenced in the 202311stable-channel-update-for-desktop28 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed...

9.6CVSS8.8AI score0.1963EPSS
Exploits0References13
Rows per page
Query Builder