5836 matches found
PT-2024-7377 · Unknown · Edonline Ems
Name of the Vulnerable Software and Affected Versions: EdOnline EMS affected versions not specified Description: The issue is related to the lack of data cleaning and validation in the Login field of the authentication window, which can be exploited by a remote attacker to disclose protected...
Microsoft SharePoint SPThemes Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of serialized instances of the SPThemes class. The issue results from the...
NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2024-0063)
The remote NewStart CGSL host, running version MAIN 6.02, has sqlite packages installed that are affected by multiple vulnerabilities: - Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML...
C-MOR Video Surveillance 5.2401 / 6.00PL01 SQL Injection
Advisory ID: SYSS-2024-023 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution Date: -...
The vulnerability of the Pydantic data validation library lies in the inefficient complexity of regular expressions, which allows attackers to trigger a service failure.
The vulnerability of the Pydantic data validation library is related to the use of regular expressions. Exploiting this vulnerability could allow a malicious actor to cause service failures...
ROS-20240827-14
A vulnerability in the Pydantic data validation library involves the use of regular expressions. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0258-2)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0258-2 advisory. - Chromium 128.0.6613.84 boo1229591 CVE-2024-7964: Use after free in Passwords CVE-2024-7965: Inappropriate implementation in V8 CVE-2024-7966: O...
The vulnerability of the driver for the common file system of Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the driver for the common file system of Windows operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to increase their privileges...
Microsoft Edge (Chromium) < 128.0.2739.42 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 128.0.2739.42. It is, therefore, affected by multiple vulnerabilities as referenced in the August 22, 2024 advisory. - Microsoft Edge HTML-based Memory Corruption Vulnerability CVE-2024-38207 - Microsoft Edge...
Chromium: CVE-2024-7974 Insufficient data validation in V8 API
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2024-7977 Insufficient data validation in Installer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2024-7979 Insufficient data validation in Installer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2024-7980 Insufficient data validation in Installer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2024-7974
Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
SUSE CVE-2024-7977
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...
KLA71827 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Inappropriate...
Google Chrome Insufficient Data Validation Vulnerability
Google Chrome is a free web browser developed by Google. It is the world's largest browser in terms of market share due to its speed, security, simplicity, multi-platform support and built-in privacy protection. Google Chrome suffers from a Data Validation Insufficiency vulnerability, which can b...
Google Chrome Security Update (stable-channel-update-for-desktop_21-2024-08) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2024-7979
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. Chromium security severity: Medium...
CVE-2024-7980
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. Chromium security severity: Medium...