CVE-2025-4051
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-4051
CVE-2025-4051 involves insufficient data validation in DevTools of Google Chrome/Chromium, allowing a remote attacker to bypass discretionary access control when a user is persuaded to perform specific UI gestures on a crafted HTML page. The vulnerability affects Chrome before version 136.0.7103....
A vulnerability in the Orders component of the Oracle Configurator application in Oracle E-Business Suite allows a malicious actor to read, modify, add, or delete data.
The vulnerability in the Orders component of the Oracle Configurator application in Oracle E-Business Suite is caused by insufficient validation of entered data. Exploiting it may allow an attacker to read, modify, add, or delete data...
SUSE CVE-2025-4051
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...
Fedora 40 : chromium (2025-b1804b97fc)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b1804b97fc advisory. Update to 136.0.7103.59 CVE-2025-4096: Heap buffer overflow in HTML CVE-2025-4050: Out of bounds memory access in DevTools CVE-2025-4051: Insufficie...
CVE-2025-1838
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service...
CVE-2025-1838 IBM Cloud Pak for Business Automation denial of service
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows an authenticated user to bypass client-side data validation in an authoring user interface which could cause a denial of service...
CVE-2025-1838
CVE-2025-1838 affects IBM Cloud Pak for Business Automation (IBM Business Automation Workflow) 24.0.0 and 24.0.1 through 24.0.1 IF001. The vulnerability stems from an authenticated user bypassing client-side data validation in the authoring UI, which could lead to a denial of service. Red Hat/IBM...
PT-2025-18953 · Ibm · Ibm Cloud Pak For Business Automation
Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Business Automation versions 24.0.0 through 24.0.1 IF001. Description: The issue allows an authenticated user to bypass client-side data validation in the authoring user interface, which could cause a denial of service...
A vulnerability in the phpseclib cryptographic protocol library, caused by incorrect input validation, allows attackers to trigger a service failure.
The vulnerability in the phpseclib cryptographic protocol library is caused by insufficient checks on user-supplied data. Exploiting it could allow a malicious actor to cause service failures...
Microsoft Edge (Chromium) < 136.0.3240.50 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 136.0.3240.50. It is, therefore, affected by multiple vulnerabilities as referenced in the May 1, 2025 advisory. - User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an...
Chromium: CVE-2025-4052 Inappropriate implementation in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2025-23254
NVIDIA TensorRT-LLM (TensorRT-LLM Python executor) contains a data-validation vulnerability that can be exploited with local access to the TRTLLM server to achieve code execution, information disclosure, and data tampering. The CVE-2025-23254 entries across NVD/CVE lists describe a Python-executo...
Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results fro...
PT-2025-18651
Name of the Vulnerable Software and Affected Versions: NVIDIA TensorRT-LLM (affected versions not specified). Description: The issue concerns a data validation problem in the python executor of NVIDIA TensorRT-LLM, which can be exploited by an attacker with local access to the TRTLLM server. A...
Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results fro...
TOTOLINK N150RT /boafrm/formWlwds File Buffer Overflow Vulnerability
The TOTOLINK N150RT is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N150RT suffers from a buffer overflow vulnerability that originates from the failure of the parameter submit-url in the file /boafrm/formWlwds to correctly validate the length and size of the input data,...