6028 matches found

CNVD
added 2023/08/06 12:0 a.m. · 33 views

Google Chrome Code Execution Vulnerability (CNVD-2023-63464)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by a use after free in Blink Task Scheduling. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause an application to...

8.8 CVSS · 7.9 AI score · 0.0112 EPSS
Exploits: 0 · References: 1

GitHub Security Blog
added 2023/08/05 9:30 a.m. · 34 views

Apache Airflow Execution with Unnecessary Privileges

Execution with Unnecessary Privileges, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" feature enables an authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...

8.8 CVSS · 8.8 AI score · 0.0236 EPSS
Exploits: 0 · References: 7 · Affected Software: 1

OSV
added 2023/08/05 9:30 a.m. · 13 views

GHSA-269X-PG5C-5XGM Apache Airflow Execution with Unnecessary Privileges

Execution with Unnecessary Privileges, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" feature enables an authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...

8.8 CVSS · 8.8 AI score · 0.0236 EPSS
Exploits: 0 · References: 7

PyPA
added 2023/08/05 7:15 a.m. · 6 views

PYSEC-2023-134

Execution with Unnecessary Privileges, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" feature enables an authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...

8.8 CVSS · 7.4 AI score · 0.0236 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Vulnrichment
added 2023/08/05 6:47 a.m. · 17 views

CVE-2023-39508 Apache Airflow: Airflow "Run task" feature allows execution with unnecessary privileges

Execution with Unnecessary Privileges, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" feature enables an authenticated user to bypass some of the restrictions put in place. It allows to execute code in the...

8.8 AI score · 0.0236 EPSS
Exploits: 0 · References: 3

CNNVD
added 2023/08/05 12:0 a.m. · 4 views

Apache Airflow Security Vulnerability

Apache Airflow is an open source platform from the Apache Software Foundation (United States) for creating, managing and monitoring workflows. The platform is characterized by scalability and dynamic monitoring. Apache Airflow versions prior to 2.6.0 have a security vulnerability that stems from a...

8.8 CVSS · 6.8 AI score · 0.0236 EPSS
Exploits: 0 · References: 4

Positive Technologies
added 2023/08/04 12:0 a.m. · 4 views

PT-2023-4783 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.6.0 Description: The issue is related to the "Run Task" feature in Apache Airflow, which allows an authenticated user to bypass some restrictions and execute code in the webserver context, as well as access...

9 CVSS · 7 AI score · 0.0236 EPSS
Exploits: 0 · References: 18

NVD
added 2023/08/03 1:15 a.m. · 22 views

CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS · 8.9 AI score · 0.0112 EPSS
Exploits: 0 · References: 7

OSV
added 2023/08/03 1:15 a.m. · 1 views

DEBIAN-CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS · 7.4 AI score · 0.0112 EPSS
Exploits: 0 · References: 1

Cvelist
added 2023/08/03 12:27 a.m. · 35 views

CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

9.1 AI score · 0.0112 EPSS
Exploits: 0 · References: 7

AlpineLinux
added 2023/08/03 12:27 a.m. · 35 views

CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS · 9 AI score · 0.0112 EPSS
Exploits: 0

CVE
added 2023/08/03 12:27 a.m. · 327 views

CVE-2023-4074

CVE-2023-4074 is a Chrome/Chromium-related vulnerability described as a use-after-free in Blink Task Scheduling. Affects Google Chrome’s Blink engine, with the root cause being a use-after-free condition that could allow a remote attacker to trigger heap corruption via a crafted HTML page. The vu...

8.8 CVSS · 8.8 AI score · 0.0112 EPSS
Exploits: 0 · References: 7 · Affected Software: 1

CNNVD
added 2023/08/02 12:0 a.m. · 4 views

Google Chrome Resource Management Error Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by a use after free in Blink Task Scheduling. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause an application to...

8.8 CVSS · 8 AI score · 0.0112 EPSS
Exploits: 0 · References: 8

Google Chrome Security Advisories
added 2023/08/02 12:0 a.m. · 109 views

Stable Channel Update for Desktop

The Stable channel has been updated to 115.0.5790.170 for Mac and Linux and 115.0.5790.170/.171 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

8.8 CVSS · 9.7 AI score · 0.24116 EPSS
Exploits: 0 · Affected Software: 1

FreeBSD
added 2023/08/02 12:0 a.m. · 31 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 17 security fixes: 1466183 High CVE-2023-4068: Type Confusion in V8. Reported by Jerry on 2023-07-20 1465326 High CVE-2023-4069: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-07-17 1462951 High CVE-2023-4070: Type Confusi...

8.8 CVSS · 7.8 AI score · 0.24116 EPSS
Exploits: 0 · References: 1

Tenable Nessus
added 2023/08/02 12:0 a.m. · 82 views

Google Chrome < 115.0.5790.170 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 115.0.5790.170. It is, therefore, affected by multiple vulnerabilities as referenced in the 202308stable-channel-update-for-desktop advisory. - Inappropriate implementation in Extensions in Google Chrome prior to...

8.8 CVSS · 8.7 AI score · 0.24116 EPSS
Exploits: 0 · References: 23

vulnersOsv
added 2023/08/01 1:15 a.m. · 5 views

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +334 more potentially affected by CVE-2023-4033 via mlflow (>=0.8.2 <=2.5.0)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-4033 Source advisory: OSV:PYSEC-2023-280...

8.8 CVSS · 7.3 AI score · 0.01195 EPSS
Exploits: 0

Zero Day Initiative
added 2023/08/01 12:0 a.m. · 28 views

(Pwn2Own) Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the Ignition Gateway server. The issue results from the exposure of a dangerou...

7.2 CVSS · 7.4 AI score · 0.5582 EPSS
Exploits: 0 · References: 1

ATTACKERKB
added 2023/07/25 8:15 p.m. · 1 views

CVE-2022-46900

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...

6.5 CVSS · 6.9 AI score · 0.0048 EPSS
Exploits: 0 · References: 3

NVD
added 2023/07/25 8:15 p.m. · 21 views

CVE-2022-46900

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...

6.5 CVSS · 6.4 AI score · 0.0048 EPSS
Exploits: 0 · References: 2