Page 10 of 412 results (0.010 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Use after free en Garbage Collection en Google Chrome anterior a 119.0.6045.159 permitía a un atacante remoto explotar potencialmente la corrupción del heap a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html https://crbug.com/1497997 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC https://security.gentoo.org/glsa/202311-11 https://secu • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 446EXPL: 1

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en Intel(R) Processors que pueden permitir que un usuario autenticado potencialmente habilite la escalada de privilegios y/o la divulgación de información y/o la denegación de servicio a través del acceso local. • https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- http://www.openwall.com/lists/oss-security/2023/11/14/4 http://www.openwall.com/lists/oss-security/2023/11/14/5 http://www.openwall.com/lists/oss-security/2023/11/14/6 http://www.openwall.com/lists/oss-security/2023/11/14/7 http://www.openwall.com/lists/oss-security/2023/11/14/8 http://www.openwall.com/lists/oss-security/2023/11/14/9 https://lists.debian.org/debian-lts-announce/2023/12/ • CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer. Use after free en OpenVPN versión 2.6.0 a 2.6.6 puede provocar un comportamiento indefinido, pérdida de búferes de memoria o ejecución remota al enviar búferes de red a un par remoto. • https://community.openvpn.net/openvpn/wiki/CVE-2023-46850 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4 https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850 https://www.debian.org/security/2023/dsa-5555 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service. El uso de la opción --fragment en ciertas configuraciones de OpenVPN versión 2.6.0 a 2.6.6 permite a un atacante desencadenar un comportamiento de división por cero que podría provocar un bloqueo de la aplicación y provocar una denegación de servicio. • https://community.openvpn.net/openvpn/wiki/CVE-2023-46849 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4 https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850 https://www.debian.org/security/2023/dsa-5555 • CWE-369: Divide By Zero •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en WebAudio en Google Chrome anterior a 119.0.6045.123 permitía a un atacante remoto explotar potencialmente la corrupción del heap a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop.html https://crbug.com/1497859 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://security.gentoo.org/glsa/202312-07 https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security • CWE-416: Use After Free •