
5832 matches found

ATTACKERKB
added 2025/06/24 8:3 p.m. · 2 views

CVE-2025-6557

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4 · AI score 6.2 · EPSS 0.00177
Exploits: 0 · References: 3 · Affected Software: 1

CVE
added 2025/06/24 8:3 p.m. · 306 views

CVE-2025-6557

The CVE-2025-6557 entry concerns Google Chrome on Windows with an insufficient DevTools data validation flaw that could allow arbitrary code execution via a crafted HTML page after user interaction with specific UI gestures. Affected component: DevTools in Chrome; root cause: inadequate input val...

CVSS 5.4 · AI score 7.5 · EPSS 0.00177
Exploits: 0 · References: 2 · Affected Software: 1

Debian CVE
added 2025/06/24 8:3 p.m. · 5 views

CVE-2025-6557

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4 · AI score 6 · EPSS 0.00177
Exploits: 0

Positive Technologies
added 2025/06/24 12:0 a.m. · 3 views

PT-2025-26787 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 138.0.7204.49
Description: Insufficient data validation in DevTools in Google Chrome on Windows allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a...

CVSS 6.4 · AI score 6.6 · EPSS 0.00177
Exploits: 0 · References: 24

CNNVD
added 2025/06/24 12:0 a.m. · 2 views

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient DevTools data validation, which can be exploited by an attacker to execute arbitrary code via a crafted HTML page...

CVSS 5.4 · AI score 7.5 · EPSS 0.00177
Exploits: 0 · References: 5

CNVD
added 2025/06/24 12:0 a.m. · 2 views

TOTOLINK EX1200T /boafrm/formNtp File Buffer Overflow Vulnerability

The TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability, which originates from the failure of the parameter submit-url in the file /boafrm/formNtp to correctly validate the length and size of the inpu...

CVSS 9 · AI score 8.7 · EPSS 0.00758
Exploits: 1 · References: 1

RedhatCVE
added 2025/06/23 8:39 a.m. · 3 views

CVE-2025-49849

An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data...

CVSS 8.4 · AI score 7.4 · EPSS 0.00141
Exploits: 0 · References: 1

RedhatCVE
added 2025/06/23 8:38 a.m. · 4 views

CVE-2025-49850

A Heap-based Buffer Overflow vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data...

CVSS 8.4 · AI score 7.5 · EPSS 0.00143
Exploits: 0 · References: 1

RedhatCVE
added 2025/06/23 8:38 a.m. · 4 views

CVE-2025-49848

An Out-of-bounds Write vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data...

CVSS 8.4 · AI score 7.4 · EPSS 0.00155
Exploits: 0 · References: 1

Positive Technologies
added 2025/06/23 12:0 a.m. · 4 views

PT-2025-26618 · Unknown · Servicestack

Name of the Vulnerable Software and Affected Versions: ServiceStack affected versions not specified
Description: This issue allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. The specific flaw exists within the implementation of the GetErrorResponse metho...

CVSS 5.9 · AI score 5.5 · EPSS 0.00394
Exploits: 0 · References: 5

Cvelist
added 2025/06/21 12:10 a.m. · 5 views

CVE-2025-5477 Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability

Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth devi...

CVSS 7.5 · EPSS 0.00325
Exploits: 0 · References: 2

Redos
added 2025/06/19 12:0 a.m. · 3 views

ROS-20250619-17

Vulnerability of CompressorStreamFactory, TarArchiveInputStream and TarFile classes of Apache Commons archiver Compress is related to uncontrolled resource consumption as a result of insufficient input data validation when processing TAR archive headers. Exploitation of the vulnerability could...

CVSS 5.5 · AI score 6.3 · EPSS 0.00489
Exploits: 0

NVD
added 2025/06/17 7:15 p.m. · 7 views

CVE-2025-49849

An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data...

CVSS 8.4 · EPSS 0.00141
Exploits: 0 · References: 1

CVE
added 2025/06/17 6:35 p.m. · 11 views

CVE-2025-49850

CVE-2025-49850 concerns LS Electric GMWin 4: a heap-based buffer overflow during PRJ file parsing caused by insufficient validation, leading to memory corruption (reading/writing past end of allocated data structures). Affected product: GMWin 4 (e.g., version 4.18 cited). Impacts: potential memor...

CVSS 8.4 · AI score 6.8 · EPSS 0.00143
Exploits: 0 · References: 1

Vulnrichment
added 2025/06/17 6:34 p.m. · 2 views

CVE-2025-49849 Out-of-bounds Read in Write in LS Electric GMWin 4

An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data...

CVSS 8.4 · AI score 7.3 · EPSS 0.00141
Exploits: 0 · References: 1

Cvelist
added 2025/06/17 6:34 p.m. · 7 views

CVE-2025-49849 Out-of-bounds Read in Write in LS Electric GMWin 4

An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data...

CVSS 8.4 · EPSS 0.00141
Exploits: 0 · References: 1

Positive Technologies
added 2025/06/17 12:0 a.m. · 2 views

PT-2025-25749 · Ls Electric · Gmwin 4

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined.
Description: A Heap-based Buffer Overflow issue exists within the parsing of PRJ files. This results from the lack of proper validation of user-supplied data, which can cause memory corruption issues...

CVSS 8.4 · AI score 6.4 · EPSS 0.00143
Exploits: 0 · References: 5

Redos
added 2025/06/16 12:0 a.m. · 6 views

ROS-20250616-03

A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to insufficient validation of data provided by an attacker in Rack::CommonLogger. Exploitation of the vulnerability could allow an attacker acting remotely to manipulate data log entr...

CVSS 7.1 · AI score 6.9 · EPSS 0.01095
Exploits: 1

BDU FSTEC
added 2025/06/13 12:0 a.m. · 2 views

The vulnerability of the Android operating system, related to insufficient validation of input data, allows attackers to escalate their privileges.

The vulnerability of the Android operating system is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS 7.8 · AI score 5.4 · EPSS 0.00132
Exploits: 0 · References: 3 · Affected Software: 1

CNVD
added 2025/06/11 12:0 a.m. · 1 view

Tenda CH22 Buffer Overflow Vulnerability

Tenda CH22 is a network device from Tenda, China. The Tenda CH22 suffers from a buffer overflow vulnerability that originates from the parameter page in the file /goform/Natlimit that fails to properly validate the length of the input data, which can be exploited by an attacker to execute arbitra...

CVSS 9.8 · AI score 8.5 · EPSS 0.00783
Exploits: 1 · References: 1