855 matches found
SUSE CVE-2023-3735
Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...
Google Chrome Security Update (stable-channel-update-for-desktop-2023-07) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Security Update (stable-channel-update-for-desktop-2023-07) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome < 115.0.5790.98 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 115.0.5790.98. It is, therefore, affected by multiple vulnerabilities as referenced in the 202307stable-channel-update-for-desktop advisory. - Out of bounds memory access in Mojo in Google Chrome prior to 115.0.5790.98...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google Inc. in the United States. A security vulnerability exists in Google Chrome Web API Permission Prompts, which stems from improper execution...
Google Chrome < 115.0.5790.98 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 115.0.5790.98. It is, therefore, affected by multiple vulnerabilities as referenced in the 202307stable-channel-update-for-desktop advisory. - Out of bounds memory access in Mojo in Google Chrome prior to 115.0.5790.98...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 115 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 115.0.5790.98 Linux and Mac, 115.0.5790.98/99 Windows contains a number of fixes and improvements -- a list of changes is...
PT-2023-3712 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 115.0.5790.98 Description: The issue is related to an inappropriate implementation in Web API Permission Prompts in Google Chrome, which may allow a remote attacker to obfuscate security UI via a crafted HTML...
Fortinet FortiOS 代码问题漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An access control error...
Lenovo XClarity Administrator Command Injection Vulnerability
Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The product is capable of providing agentless hardware management for servers, storage, network switches, and more. A command injection vulnerability exists in Lenovo XClarity Administrator, which...
CVE-2023-34421
A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to insufficient input validation...
CVE-2023-34420
A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API...
CVE-2023-34418
A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability in a specific web API...
CVE-2023-34420
A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API...
CVE-2023-34421
A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to insufficient input validation...
CVE-2023-34418
A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability in a specific web API...
Command injection
A valid, authenticated LXCA user with elevated privileges may be able to execute command injections through crafted calls to a specific web API...
Input validation
A valid, authenticated LXCA user with elevated privileges may be able to delete folders in the LXCA filesystem through a specifically crafted web API call due to insufficient input validation...
Sql injection
A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data stored in LXCA due to a SQL injection vulnerability in a specific web API...
Input validation
A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to insufficient input validation...