5832 matches found
Tenda AC5 Stack Buffer Overflow Vulnerability
Tenda AC5 is a wireless router from Tenda, a Chinese company. The Tenda AC5 suffers from a stack buffer overflow vulnerability that originates from the failure of the parameters schedStartTime and schedEndTime in the file /goform/openSchedWifi to properly validate the length of the input data,...
Google Chrome Security Bypass Vulnerability (CNVD-2025-15174)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient DevTools data validation, which can be exploited by an attacker to execute arbitrary code via a crafted HTML page...
Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2023-28911
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every...
CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
The vulnerability of Mozilla Firefox and Firefox ESR browsers on the macOS operating system arises from insufficient data validation. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Mozilla Firefox and Firefox ESR browsers on the macOS operating system is related to insufficient validation of data authenticity. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
CVE-2023-28908
CVE-2023-28908 affects the Bluetooth stack on Volkswagen MIB3 infotainment, caused by insufficient validation of user-supplied data that can trigger an integer overflow when handling non-fragmented HCI packets. The issue was first observed in Skoda Superb III with MIB3 infotainment unit OEM part ...
PT-2025-27278 · Mescius · Activereports.Net
Name of the Vulnerable Software and Affected Versions: Mescius ActiveReports.NET affected versions not specified Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mescius ActiveReports.NET. Exploitation requires interaction with the...
PDF-XChange Editor Code Execution Vulnerability (CNVD-2025-16304)
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. A code execution vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execu...
PDF-XChange Editor Code Execution Vulnerability (CNVD-2025-16302)
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. A code execution vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execu...
PDF-XChange Editor Code Execution Vulnerability
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. A code execution vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execu...
Chromium: CVE-2025-6557 Insufficient data validation in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium) < 138.0.3351.55 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 138.0.3351.55. It is, therefore, affected by multiple vulnerabilities as referenced in the June 26, 2025 advisory. - Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a...
PDF-XChange Editor 缓冲区错误漏洞
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An information disclosure vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit this vulnerabilit...
PDF-XChange Editor 缓冲区错误漏洞
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An information disclosure vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit this vulnerabilit...
PDF-XChange Editor 缓冲区错误漏洞
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An information disclosure vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit this vulnerabilit...
PDF-XChange Editor 缓冲区错误漏洞
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An information disclosure vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit this vulnerabilit...
PDF-XChange Editor 缓冲区错误漏洞
PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. A code execution vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execu...
CVE-2025-6557
Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2025-6557
Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...