133 matches found
SUSE CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2021-31616
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...
CVE-2021-31616
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...
Stack overflow
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...
CVE-2021-31616
CVE-2021-31616 affects ShapeShift KeepKey hardware wallet firmware prior to 7.1.0. The issue is a stack buffer overflow caused by insufficient length checks in the ethereum_extractThorchainSwapData() function within ethereum.c, which can be triggered by crafted messages and is reachable remotely ...
CVE-2021-31616
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...
The vulnerability of the WebUSB component in Google Chrome, related to integer overflow of values, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the WebUSB component in Google Chrome relates to a potential overflow of values. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...
The vulnerability in the implementation of the WebUSB protocol of Google Chrome, related to the use of memory after it is freed, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the WebUSB protocol implementation in Google Chrome browser is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
DEBIAN-CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
UBUNTU-CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2020-16033
CVE-2020-16033 affects Chromium/Google Chrome WebUSB. The issue is an inappropriate WebUSB implementation that enables content spoofing of the security UI via a crafted HTML page, allowing a remote attacker to trick users. Affected: Chromium/Chrome prior to 87.0.4280.66 (WebUSB component). Impact...
CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2020-16033
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page...
Integer Overflow In WebUSB
chromium, sid is vulnerable to integer overflow in WebUSB in Google Chrome. It allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. The vulnerability exists through use after free in WebUSB that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Incorrect Security UI
chromium, sid has an incorrect security ui due to a flaw found in the WebUSB component of the Chromium browser...
openSUSE Security Update : chromium (openSUSE-2020-2021)
This update for chromium fixes the following issues : - Update to 87.0.4280.66 boo1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. -...