CVE-2022-1311

Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Publication date: Mon, 25 Jul 2022 19:15:00 +0000

Cyber News related to CVE-2022-1311

CVE-2022-1311 - Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
1 year ago

CVE-2008-1312 - Unspecified vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and other versions before 2.0.3900.0, allows remote attackers to cause a denial of service (daemon crash) via a long TFTP packet, a different ...
6 years ago

CVE-2008-1311 - The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) ...
5 years ago

CVE-2024-23807 - The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by ...
4 months ago Tenable.com

CVE-2003-1311 - siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site ...
15 years ago

CVE-2005-1311 - Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. ...
15 years ago

CVE-2010-1311 - The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: ...
13 years ago

CVE-1999-1311 - Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges. ...
13 years ago

CVE-2011-1311 - The Security component in IBM WebSphere Application Server (WAS) before 7.0.0.15, when a J2EE 1.4 application is used, determines the security role mapping on the basis of the ibm-application-bnd.xml file instead of the intended ...
13 years ago

CVE-2002-1311 - Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files. ...
7 years ago

CVE-2016-1311 - Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224. ...
7 years ago

CVE-2014-1311 - WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other ...
7 years ago

CVE-2004-1311 - Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 ...
6 years ago

CVE-2017-1311 - IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: ...
6 years ago

CVE-2012-1311 - The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge and service outage) via crafted RSVP packets, ...
6 years ago

CVE-2006-1311 - The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute ...
5 years ago

CVE-2013-1311 - Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability." ...
5 years ago

CVE-2001-1311 - Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. ...
5 years ago

CVE-2009-1311 - Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL ...
5 years ago

CVE-2015-1311 - The Extended Application Services (XS) in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, aka SAP Note 2098906. NOTE: the provenance of this information is unknown; the details are obtained solely from third ...
5 years ago

CVE-2019-1311 - A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory, aka 'Windows Imaging API Remote Code Execution Vulnerability'. ...
3 years ago

CVE-2021-1311 - A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection ...
3 years ago

CVE-2020-1311 - An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'. ...
2 years ago

CVE-2018-1311 - The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to ...
2 weeks ago

CVE-2023-1311 - A vulnerability, which was classified as critical, was found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. This affects an unknown part of the file large.php of the component GET Parameter Handler. The manipulation of the ...
1 year ago

Latest Cyber News

CVE-2024-40605 - 9 hours ago
CVE-2024-40604 - 9 hours ago
CVE-2024-40603 - 9 hours ago
CVE-2024-40602 - 9 hours ago
CVE-2024-40601 - 9 hours ago
CVE-2024-40600 - 9 hours ago
CVE-2024-40599 - 9 hours ago
CVE-2024-40598 - 9 hours ago
CVE-2024-40596 - 9 hours ago
CVE-2024-40597 - 9 hours ago
CVE-2024-6095 - 15 hours ago
CVE-2024-37554 - 16 hours ago
CVE-2024-37553 - 17 hours ago
CVE-2024-37547 - 18 hours ago
CVE-2024-37546 - 18 hours ago
CVE-2024-37542 - 20 hours ago
CVE-2024-37541 - 20 hours ago
CVE-2024-37539 - 20 hours ago
CVE-2024-39486 - 23 hours ago
CVE-2024-37260 - 23 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-40605 - 9 hours ago
CVE-2024-40604 - 9 hours ago
CVE-2024-40603 - 9 hours ago
CVE-2024-40602 - 9 hours ago
CVE-2024-40601 - 9 hours ago
CVE-2024-40600 - 9 hours ago
CVE-2024-40599 - 9 hours ago
CVE-2024-40598 - 9 hours ago
CVE-2024-40596 - 9 hours ago
CVE-2024-40597 - 9 hours ago
CVE-2024-6095 - 15 hours ago
CVE-2024-37553 - 17 hours ago
CVE-2024-37554 - 16 hours ago
CVE-2024-37547 - 18 hours ago
CVE-2024-37546 - 18 hours ago
CVE-2024-37542 - 20 hours ago
CVE-2024-37541 - 20 hours ago
CVE-2024-37539 - 20 hours ago
CVE-2024-39486 - 23 hours ago
CVE-2024-37260 - 23 hours ago