CVE-2018-20072

Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. Chromium security severity: Low...

PDF-XChange Editor XPS File Parsing Out-of-Bounds Read Remote Code Execution Vulnerability

PDF-XChange Editor is a PDF editor software and PDF reader. PDF-XChange Editor XPS file parsing has an out-of-bounds read remote code execution vulnerability caused by a lack of proper validation of user-supplied data, which can be exploited by an attacker to execute code in the context of the...

Fedora: Security Advisory (FEDORA-2024-3d29b1647b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : chromium (2024-3d29b1647b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3d29b1647b advisory. update to 129.0.6668.58 High CVE-2024-8904: Type Confusion in V8 Medium CVE-2024-8905: Inappropriate implementation in V8 Medium CVE-2024-8906:...

TOTOLINK AC1200 setWizardCfg function buffer overflow vulnerability

TOTOLINK AC1200 is a dual-band Wi-Fi router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK AC1200 v4.1.5cu.861B20230220 version, which stems from the failure of the ssid5g parameter of the setWizardCfg function to correctly validate the length and...

DrayTek Vigor 3910 Buffer Overflow Vulnerability (CNVD-2024-39950)

The DrayTek Vigor 3910 is a high performance router for enterprise networks from DrayTek. A buffer overflow vulnerability exists in the DrayTek Vigor 3910 v4.3.2.6, which is caused by the sPPPSrvNm parameter on the fwuser.cgi page not properly validating the length of the input data, and can be...

Microsoft Edge (Chromium) < 129.0.2792.52 (CVE-2025-29806)

The version of Microsoft Edge installed on the remote Windows host is prior to 129.0.2792.52. It is, therefore, affected by a vulnerability as referenced in the March 21, 2025 advisory. - No cwe for this issue in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a...

SUSE CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML XSS via a crafted set of UI gestures. Chromium security severity: Medium...

CVE-2024-46775

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns WHAT & HOW Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKEDRETURN issues reported by Coverity...

CVE-2024-46775 drm/amd/display: Validate function returns

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Validate function returns WHAT & HOW Function return values must be checked before data can be used in subsequent functions. This fixes 4 CHECKEDRETURN issues reported by Coverity...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly validating the validity of data...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly validating the validity of data...

CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML XSS via a crafted set of UI gestures. Chromium security severity: Medium...

CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML XSS via a crafted set of UI gestures. Chromium security severity: Medium...

CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML XSS via a crafted set of UI gestures. Chromium security severity: Medium...

CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML XSS via a crafted set of UI gestures. Chromium security severity: Medium...

PT-2025-4089 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability, as the...

Google Chrome < 129.0.6668.58 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 129.0.6668.58. It is, therefore, affected by multiple vulnerabilities as referenced in the 202409stable-channel-update-for-desktop17 advisory. - Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 129 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 129.0.6668.58 Linux 129.0.6668.58/.59 Windows, Mac contains a number of fixes and improvements -- a list of changes is...

Google Chrome < 129.0.6668.58 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 129.0.6668.58. It is, therefore, affected by multiple vulnerabilities as referenced in the 202409stable-channel-update-for-desktop17 advisory. - Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58...