12 matches found
Astra Linux - уязвимость в chromium
Using “after free” in WebRTC Perf in Google Chrome before version 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Before version 100.0.4896.88, using tab groups in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
CVE-2022-29916
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
DEBIAN-CVE-2022-1310
Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Mozilla Firefox Security Advisory (MFSA2022-16) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2022-29914
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
Update now! Google launches Chrome version 100 and fixes 28 vulnerabilities
Google has launched Chrome version 100 which, among other things, fixes 28 vulnerabilities. Other new security features include Safety Check, Enhanced Safe Browsing, and the ability to control website access to your location and device. Of the 28 vulnerabilities, none have been marked as critical...
Firefox and Chrome reaching major versions 100 may break some websites
Mozilla has issued a warning about the upcoming versions 100 for both Chrome and Firefox. The change in the version number from 2 to 3 digits may cause some problems when visiting websites that are not prepared for this change. For example, it’s possible that some parsing libraries may have...
SAP Business Planning and Consolidation Cross-Site Scripting Vulnerability
SAP Business Planning and Consolidation is a business planning and consolidation software from SAP, Germany. The software provides budgeting, forecasting and financial consolidation functions. A cross-site scripting vulnerability exists in SAP Business Planning and Consolidation versions 750, 751...
PT-2020-19085 · Sap · Sap 9.0 +1
Name of the Vulnerable Software and Affected Versions: SAP 9.0 Bank Analyzer version 500 SAP S/4HANA for financial products subledger version 100 Description: The issue arises from improper authorization checks for authenticated users, potentially leading to privilege escalation and exposure of...
CVE-2020-6214
SAP S/4HANA Financial Products Subledger, version 100, uses an incorrect authorization object in some reports. Although the affected reports are protected with other authorization objects, exploitation of the vulnerability would allow an authenticated attacker to view, change, or delete data,...
CVE-2020-6214
The CVE describes SAP S/4HANA (Financial Products Subledger), Version 100, as vulnerable due to an incorrect authorization object in certain reports. The underlying vulnerability allows an authenticated attacker to view, change, or delete data, compromising separation of duties within the system....