Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Publication date: Wed, 13 Sep 2023 02:15:00 +0000
Cyber News related to CVE-2023-4908
CVE-2014-4740 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-4907, CVE-2014-4908. Reason: This candidate is a duplicate of CVE-2014-4907 and CVE-2014-4908. Notes: All CVE users should reference CVE-2014-4907 and/or CVE-2014-4908 instead of ...
55 years ago Tenable.com
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
1 year ago Tenable.com
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com
CVE-2023-4908 - Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low) ...
1 year ago
CVE-2015-4916 - Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908. Per <a ...
4 years ago
CVE-2015-4908 - Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916. ...
4 years ago
CVE-2015-4906 - Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916. Per <a ...
4 years ago
CVE-2012-4908 - Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. ...
12 years ago
CVE-2014-4908 - Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/views/kohana_error_page.php or (2) ...
10 years ago
CVE-2016-4908 - Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors. ...
8 years ago
CVE-2017-4908 - VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a ...
7 years ago
CVE-2008-4908 - maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. ...
7 years ago
CVE-2009-4908 - Multiple cross-site scripting (XSS) vulnerabilities in oBlog allow remote attackers to inject arbitrary web script or HTML via the (1) commentName, (2) commentEmail, (3) commentWeb, or (4) commentText parameter to article.php; and allow remote ...
7 years ago
CVE-2010-4908 - SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute arbitrary SQL commands via the prodid parameter. ...
7 years ago
CVE-2007-4908 - Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter. ...
7 years ago
CVE-2018-4908 - An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end ...
7 years ago
CVE-2006-4908 - OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL containing an * (asterisk) wildcard, which displays all matching file and directory information. ...
6 years ago
CVE-2011-4908 - TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. ...
5 years ago
CVE-2020-4908 - IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. This information could be used in further attacks against the system. ...
4 years ago
CVE-2022-4908 - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) ...
1 year ago
CVE-2024-4908 - A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view/student_attendance_history1.php. The manipulation of the argument index ...
1 year ago
CVE-2019-4908 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none ...
1 year ago