Lucene search
K

8 matches found

CVE
CVE
added 2023/04/14 6:10 p.m.1197 views

CVE-2023-2033

CVE-2023-2033: A type confusion in Google's V8 engine used by Chromium-based browsers allowed remote heap corruption via crafted HTML. The vulnerability affected Google Chrome/Chromium up to version 112.0.5615.121 and was fixed in the 112.0.5615.121 release (M112 Stable Update). Chrome’s advisory...

8.8CVSS8.9AI score0.40798EPSS
In wild
CVE
CVE
added 2023/06/05 9:40 p.m.836 views

CVE-2023-3079

Summary (CVE-2023-3079) : A type confusion in V8 in Google Chrome prior to 114.0.5735.110 can allow remote code execution via a crafted HTML page, with heap corruption as the underlying issue. The vulnerability affects Chrome’s Chromium-based rendering stack (V8 engine) and is rated High severity...

8.8CVSS8.6AI score0.32724EPSS
In wild
CVE
CVE
added 2024/01/16 9:14 p.m.414 views

CVE-2024-0519

CVE-2024-0519 is a Google Chrome/V8 vulnerability: an out-of-bounds memory access in V8 allows potential heap corruption via a crafted HTML page. Affected products include Chrome before version 120.0.6099.224; the Chromium/Chrome Stable Channel update to 120.0.6099.224 (Linux and Mac) and 120.0.6...

8.8CVSS8.5AI score0.03769EPSS
In wild
CVE
CVE
added 2024/02/28 12:0 a.m.90 views

CVE-2024-23302

CVE-2024-23302 affects Couchbase Server prior to version 7.2.4, where a private key leak occurs in the goxdcr.log. The available sources confirm the issue and the affected product/version, but do not provide exploit details or specific remediation steps beyond the exposure described. No root-caus...

7.5CVSS6.7AI score0.00748EPSS
CVE
CVE
added 2024/02/28 12:0 a.m.88 views

CVE-2023-45873

CVE-2023-45873 affects Couchbase Server versions through 7.2.2. The issue is triggered when a data reader reads large volumes of documents, potentially triggering the OS out-of-memory killer and causing the application to terminate (denial of service). The Red Hat and NVD records reiterate the sa...

6.5CVSS6.7AI score0.00663EPSS
CVE
CVE
added 2022/06/13 8:45 p.m.77 views

CVE-2022-32564

CVE-2022-32564 affects Couchbase Server prior to 7.0.4. The issue resides in couchbase-cli’s server-eshell, which leaks the Cluster Manager cookie, enabling information disclosure via command-line cookie exposure. Multiple connected sources (NVD/CNNVD/Red Hat/CVEs) describe the vulnerability as a...

7.5CVSS7.5AI score0.01094EPSS
CVE
CVE
added 2021/05/10 12:59 p.m.50 views

CVE-2021-25645

CVE-2021-25645 affects Couchbase Server versions prior to 6.0.5, 6.1.x–6.5.x prior to 6.5.2, and 6.6.x prior to 6.6.1. An internal admin user (@ns_server) leaks credentials in cleartext to log files (cbcollect_info.log, debug.log, ns_couchdb.log, indexer.log, stats.log). The note clarifies that u...

4.4CVSS4.8AI score0.00171EPSS
CVE
CVE
added 2021/11/02 11:46 a.m.44 views

CVE-2021-42763

CVE-2021-42763 affects Couchbase Server prior to 6.6.3 and 7.x prior to 7.0.2, where sensitive information is stored in cleartext in Basic Auth headers as UI requests are proxied between cluster manager components. The backtrace shows the HTTP request containing user credentials of the node proce...

7.5CVSS7.4AI score0.00588EPSS