Page 98 of 5157 results (0.015 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html https://crbug.com/1435166 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI https://security.gentoo.org/glsa/202309-17 https://security.gentoo.org/glsa/202311-11 https://www.debian.org/security/2023/dsa-5404 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html https://crbug.com/1400905 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI https://security.gentoo.org/glsa/202309-17 https://security.gentoo.org/glsa/202311-11 https://www.debian.org/security/2023/dsa-5404 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html https://crbug.com/1444360 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI https://security.gentoo.org/glsa/202309-17 https://security.gentoo.org/glsa/202311-11 https://www.debian.org/security/2023/dsa-5404 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1

A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. • https://bugzilla.redhat.com/show_bug.cgi?id=2188240 https://github.com/LibRaw/LibRaw/issues/557 https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGZ6XF5WTPJ4GLXQ62JVRDZSVSJHXNQU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E5ZJ3UBTJBZHNPJQFOSGM5L7WAHHE2GY https://security.gentoo.org/glsa/202312-08 https://www.debian.org/security/2023/dsa-5412 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. • https://access.redhat.com/security/cve/CVE-2023-2700 https://bugzilla.redhat.com/show_bug.cgi?id=2203653 https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVK6JKP36CHE7YAFDJNPNLTW4OWJJ7TQ https://security.netapp.com/advisory/ntap-20230706-0001 • CWE-401: Missing Release of Memory after Effective Lifetime •