5834 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : .NET vulnerabilities (USN-7210-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7210-1 advisory. It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly u...
USN-7210-1 dotnet8, dotnet9 vulnerabilities
It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. CVE-2025-21171 It was discovered that .NET did not properly handle an integer overflow when processing certain specially...
Chromium: CVE-2025-0443 Insufficient data validation in Extensions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0443
CVE-2025-0443 affects Google Chrome/Chromium with insufficient data validation in Extensions, allowing privilege escalation when a user is tricked into specific UI gestures via a crafted HTML page. Connected sources confirm Chrome/Chromium and show remediation in Chrome 132.0.6834.83 (and Debian’...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
PT-2025-1284 · Microsoft +5 · Edge +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 132.0.6834.83 Microsoft Edge affected versions not specified Description: The issue exists due to insufficient data validation in the Extensions component of Google Chrome and Microsoft Edge, allowing a remote...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...
qt6-webengine -- Multiple vulnerabilities
Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: CVE-2024-12693: Out of bounds memory access in V8 CVE-2024-12694: Use after free in Compositing CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read in Metrics CVE-2025-0438: Stack buffer overflo...
PT-2025-19756 · Chromium +3 · Chromium +3
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 136.0.7103.59 chromium in Debian Linux affected versions not specified Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to bypass discretionary access...
CVE-2024-13049
Ashlar-Vellum Cobalt XE is affected by a type confusion in the XE file parser caused by insufficient validation of user-supplied data. This vulnerability can allow code execution in the context of the target process, requiring user interaction (e.g., viewing a malicious page or file). Multiple so...
Ashlar Vellum Cobalt 缓冲区错误漏洞
Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar. Ashlar Vellum Cobalt suffers from a buffer error vulnerability that stems from a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execute code in the...
Ashlar Vellum Cobalt 缓冲区错误漏洞
Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar. Ashlar Vellum Cobalt suffers from a buffer error vulnerability that stems from a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execute code in the...
Foxit PDF Reader 缓冲区错误漏洞
Foxit PDF Reader is China Foxit Foxit company a PDF reader. Foxit PDF Reader suffers from a buffer overflow vulnerability that stems from a lack of proper validation of user-supplied data, resulting in a memory corruption condition that can be exploited by a remote attacker to execute code in the...
Ashlar Vellum Cobalt 安全漏洞
Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar. A security vulnerability exists in Ashlar Vellum Cobalt that stems from a lack of proper validation of user-supplied data. An attacker could exploit the vulnerability to execute code in the...