14 matches found
EUVD-2013-0893
Malware in sbrugna...
SUSE CVE-2013-0882
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service incorrect memory access or possibly have unspecified other impact via a large number of SVG parameters...
CVE-2021-42560
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks e.g., File Exfiltration, Server Side Request Forgery, Out of Band...
CVE-2021-42560
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks e.g., File Exfiltration, Server Side Request Forgery, Out of Band...
Server side request forgery (ssrf)
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks e.g., File Exfiltration, Server Side Request Forgery, Out of Band...
CVE-2021-42560
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks e.g., File Exfiltration, Server Side Request Forgery, Out of Band...
EUVD-2021-29528
An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks e.g., File Exfiltration, Server Side Request Forgery, Out of Band...
CVE-2013-0882
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service incorrect memory access or possibly have unspecified other impact via a large number of SVG parameters...
Code injection
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service incorrect memory access or possibly have unspecified other impact via a large number of SVG parameters...
CVE-2013-0882
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service incorrect memory access or possibly have unspecified other impact via a large number of SVG parameters...
CVE-2013-0882
Removed by vendor...
CVE-2013-0882
Google Chrome vulnerable to denial of service and potentially other impact via a large number of SVG parameters. Affected: Windows/Linux builds < 25.0.1364.97 and Mac
CVE-2013-0882
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service incorrect memory access or possibly have unspecified other impact via a large number of SVG parameters...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 172243 High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG. 171951 High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva. 167069 Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte...