8 matches found
CVE-2023-2033
CVE-2023-2033: A type confusion in Google's V8 engine used by Chromium-based browsers allowed remote heap corruption via crafted HTML. The vulnerability affected Google Chrome/Chromium up to version 112.0.5615.121 and was fixed in the 112.0.5615.121 release (M112 Stable Update). Chrome’s advisory...
CVE-2023-3079
Summary (CVE-2023-3079) : A type confusion in V8 in Google Chrome prior to 114.0.5735.110 can allow remote code execution via a crafted HTML page, with heap corruption as the underlying issue. The vulnerability affects Chrome’s Chromium-based rendering stack (V8 engine) and is rated High severity...
CVE-2024-0519
CVE-2024-0519 is a Google Chrome/V8 vulnerability: an out-of-bounds memory access in V8 allows potential heap corruption via a crafted HTML page. Affected products include Chrome before version 120.0.6099.224; the Chromium/Chrome Stable Channel update to 120.0.6099.224 (Linux and Mac) and 120.0.6...
CVE-2024-23302
CVE-2024-23302 affects Couchbase Server prior to version 7.2.4, where a private key leak occurs in the goxdcr.log. The available sources confirm the issue and the affected product/version, but do not provide exploit details or specific remediation steps beyond the exposure described. No root-caus...
CVE-2023-45873
CVE-2023-45873 affects Couchbase Server versions through 7.2.2. The issue is triggered when a data reader reads large volumes of documents, potentially triggering the OS out-of-memory killer and causing the application to terminate (denial of service). The Red Hat and NVD records reiterate the sa...
CVE-2022-32564
CVE-2022-32564 affects Couchbase Server prior to 7.0.4. The issue resides in couchbase-cli’s server-eshell, which leaks the Cluster Manager cookie, enabling information disclosure via command-line cookie exposure. Multiple connected sources (NVD/CNNVD/Red Hat/CVEs) describe the vulnerability as a...
CVE-2021-25645
CVE-2021-25645 affects Couchbase Server versions prior to 6.0.5, 6.1.x–6.5.x prior to 6.5.2, and 6.6.x prior to 6.6.1. An internal admin user (@ns_server) leaks credentials in cleartext to log files (cbcollect_info.log, debug.log, ns_couchdb.log, indexer.log, stats.log). The note clarifies that u...
CVE-2021-42763
CVE-2021-42763 affects Couchbase Server prior to 6.6.3 and 7.x prior to 7.0.2, where sensitive information is stored in cleartext in Basic Auth headers as UI requests are proxied between cluster manager components. The backtrace shows the HTTP request containing user credentials of the node proce...