Page 42 of 282 results (0.007 seconds)

CVSS: 8.8EPSS: 66%CPEs: 7EXPL: 2

CVE-2023-4762 – Google Chromium V8 Type Confusion Vulnerability

https://notcve.org/view.php?id=CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Type Confusion en V8 en Google Chrome anterior a 116.0.5845.179 permitía a un atacante remoto ejecutar código arbitrario a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://github.com/buptsb/CVE-2023-4762 https://github.com/sherlocksecurity/CVE-2023-4762-Code-Review https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1473247 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fed • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-4761

https://notcve.org/view.php?id=CVE-2023-4761

Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) El acceso a memoria fuera de los límites en FedCM en Google Chrome anterior a 116.0.5845.179 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar una lectura de memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1476403 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://security.gentoo.org/glsa/202311-11 https://security • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-41909 – frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c

https://notcve.org/view.php?id=CVE-2023-41909

An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. Se descubrió un problema en FRRouting FRR hasta 9.0. bgp_nlri_parse_flowspec en bgpd/bgp_flowspec.c. Procesa solicitudes con formato incorrecto sin atributos, conllevando una desreferencia de puntero NULL. A flaw was found in frr. Processing a malformed request with no attributes may cause a NULL pointer dereference, resulting in a denial of service. • https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8 https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JLG64IF3FU7V76K4TKCCXVNEE6P2VUDO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LMJNX44SMJM25JZO7XWHDQCOB4SNJPIE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXR6PIVY4SWO7HDT4EY733H4X32SCPM4 https://access.redhat • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

CVE-2023-4733 – Use After Free in vim/vim

https://notcve.org/view.php?id=CVE-2023-4733

Use After Free in GitHub repository vim/vim prior to 9.0.1840. Use After Free en el repositorio de GitHub vim/vim anterior a 9.0.1840. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ&# • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1

CVE-2023-4750 – Use After Free in vim/vim

https://notcve.org/view.php?id=CVE-2023-4750

Use After Free in GitHub repository vim/vim prior to 9.0.1857. Use After Free en el repositorio de GitHub vim/vim anterior a 9.0.1857. • http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ&# • CWE-416: Use After Free •