Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVE-2020-11150

CVE-2020-11150 describes an out-of-bounds memory access in the camera driver caused by improper validation of data from UMD, which affects pointer offset manipulation across multiple Snapdragon SKUs (Auto/Compute/Connectivity/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wearables). The issue ...

Chromium: CVE-2021-21118 Insufficient data validation in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Command Execution Vulnerability in the InRouter900 Industrial Router from Johnstone (CNVD-2021-10450)

The Johnton-InRouter900 series industrial router is a 4G industrial router. A command execution vulnerability exists in the InRouter900 Industrial Router. The vulnerability stems from the program's failure to properly validate user data and can be exploited by a remote attacker to execute arbitra...

Arbitrary File Deletion Vulnerability in the InRouter900 Industrial Router from Imagicom (CNVD-2021-10444)

The Johnton-InRouter900 series industrial router is a 4G industrial router. The InRouter900 Industrial Router suffers from an arbitrary file deletion vulnerability, which originates from the program failing to properly validate user data, and can be exploited by a remote attacker to delete...

Vtiger CRM 跨站脚本漏洞

Vtiger CRM is a set of customer relationship management system CRM based on SugarCRM developed by American Vtiger. The management system provides management, collection and analysis of customer information and other functions. Vtiger CRM v7.2.0 suffers from a cross-site scripting vulnerability th...

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Google Chrome 缓冲区错误漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A data validation insufficiency vulnerability exists in V8 in versions prior to Google Chrome 88.0.4324.96. An attacker can exploit this to perform out-of-range...

Google Chrome V8 Insufficient Data Validation Vulnerability

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A data validation insufficiency vulnerability exists in V8 in versions prior to Google Chrome 88.0.4324.96. An attacker can exploit this to perform out-of-range...

Google Chrome Input Validation Error Vulnerability

Google Chrome is a web browser from Google, Inc. in the United States. An input validation error vulnerability previously existed in Google Chromium version 88.0.4324.96, which stemmed from insufficient data validation security found in the program's file system component...

Fedora 33 : chromium (2021-79926272ce)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-79926272ce advisory. - Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

EulerOS 2.0 SP3 : squid (EulerOS-SA-2021-1123)

According to the versions of the squid packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack c...

Google Chrome Security Updates (stable-channel-update-for-desktop_19-2021-01) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

KLA12048 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Media can...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 36 security fixes, including: 1137179 Critical CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported by Rory McNamara on 2020-10-10 1161357 High CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler Nighswander...

The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to execute arbitrary code.

The vulnerability of the Windows Media Foundation component in Windows operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Windows GDI component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows GDI component in Windows operating systems exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CoreGraphi...