Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

UliCMS 2023-1 Sniffing-Vicuna Shell Upload

UliCMS version 2023-1 Sniffing-Vicuna suffers from a remote shell upload vulnerability.

Packet Storm
Open in Source
#csrf#vulnerability#web#windows#apple#linux#java#php#rce#auth#chrome#webkit
UliCMS 2023-1 Sniffing-Vicuna Cross Site Scripting

UliCMS version 2023-1 Sniffing-Vicuna suffers from a persistent cross site scripting vulnerability.

Pluck CMS 4.7.18 Cross Site Scripting

Pluck CMS version 4.7.18 suffers from a persistent cross site scripting vulnerability.

Apple Security Advisory 2023-05-03-1

Apple Security Advisory 2023-05-03-1 - AirPods Firmware Update 5E133 and Beats Firmware Update 5B66 address bluetooth authentication vulnerabilities.

CVE-2023-29659: FPE in box.cc - heif::Fraction::round() · Issue #794 · strukturag/libheif

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

EasyPHP Webserver 14.1 Path Traversal / Remote Code Execution

EasyPHP Webserver version 14.1 suffers from remote code execution and path traversal vulnerabilities.

CVE-2023-30054: ttt/161 at main · Am1ngl/ttt

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.

CVE-2023-30053: ttt/160 at main · Am1ngl/ttt

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

CVE-2023-2468: Chromium: CVE-2023-2468 Inappropriate implementation in PictureInPicture

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

CVE-2023-2467: Chromium: CVE-2023-2467 Inappropriate implementation in Prompts

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**