Search CVE reports
1401 – 1410 of 36525 results
Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security...
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
1 affected package
chromium-browser
| Package | 24.04 LTS |
|---|---|
| chromium-browser | Not affected |
In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that allows an attacker who can supply Markdown for parsing to cause denial of service. The...
1 affected package
mistune
| Package | 24.04 LTS |
|---|---|
| mistune | Needs evaluation |
Not in release
gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host (e.g. :8080), or -port is used, gopls will listen on 0.0.0.0. As a...
1 affected package
gopls
| Package | 24.04 LTS |
|---|---|
| gopls | Not in release |
The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing...
1 affected package
mongo-c-driver
| Package | 24.04 LTS |
|---|---|
| mongo-c-driver | Needs evaluation |