152 matches found

RedhatCVE
added 2026/01/09 10:45 a.m. | 6 views

CVE-2022-0434

The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the postids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks...

CVSS 9.8 | AI score 7.4 | EPSS 0.87918
Exploits: 2 | References: 1

OSV
added 2025/09/15 1:12 a.m. | 1 view

ECHO-4DE6-39AB-0434

Bulletin has no description...

CVSS 5.5 | AI score 8.8 | EPSS 0.00063
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 6:59 p.m. | 3 views

CVE-2021-0434

In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional...

CVSS 7.3 | AI score 6.4 | EPSS 0.0003
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:0 p.m. | 4 views

CVE-2020-0434

In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

CVSS 7.8 | AI score 8.6 | EPSS 0.00015
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/06 12:0 a.m. | 13 views

Linux Distros Unpatched Vulnerability : CVE-2025-0434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

CVSS 8.8 | AI score 8.1 | EPSS 0.09429
Exploits: 1 | References: 2

FreeBSD
added 2025/01/22 12:0 a.m. | 16 views

electron33 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2025-0434. Security: backported fix for CVE-2025-0436. Security: backported fix for CVE-2025-0437...

CVSS 8.8 | AI score 7 | EPSS 0.09429
Exploits: 2 | References: 3

OPENSUSE Linux
added 2025/01/20 12:0 a.m. | 5 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0018-1 Rating: important References: 1235892 Cross-References: CVE-2025-0434 CVE-2025-0435 CVE-2025-0436 CVE-2025-0437 CVE-2025-0438 CVE-2025-0439 CVE-2025-0440 CVE-2025-0441 CVE-2025-0442 CVE-2025-0443...

CVSS 8.8 | AI score 6.9 | EPSS 0.09429
Exploits: 11 | References: 1

Tenable Nessus
added 2025/01/18 12:0 a.m. | 30 views

Fedora 40 : chromium (2025-4c65803ea6)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4c65803ea6 advisory. Update to 132.0.6834.83 High CVE-2025-0434: Out of bounds memory access in V8 High CVE-2025-0435: Inappropriate implementation in Navigation High...

CVSS 8.8 | AI score 7 | EPSS 0.12088
Exploits: 12 | References: 15

Microsoft CVE
added 2025/01/16 8:0 a.m. | 35 views

Chromium: CVE-2025-0434 Out of bounds memory access in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVSS 8.8 | AI score 6.5 | EPSS 0.09429
Exploits: 1

NVD
added 2025/01/15 11:15 a.m. | 11 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | EPSS 0.09429
Exploits: 1 | References: 2

OSV
added 2025/01/15 11:15 a.m. | 13 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 6.6
Exploits: 0 | References: 2

Circl
added 2025/01/15 11:2 a.m. | 4 views

CVE-2025-0434

creationtimestamp | type | source
---|---|---
2025-01-15 11:02:50+00:00 | seen | https://infosec.exchange/users/cve/statuses/113832032340818230
2025-01-15 11:06:27+00:00 | seen | https://infosec.exchange/users/cve/statuses/113832046561626125
2025-01-15 11:14:23+00:00 | seen | ...

CVSS 8.8 | AI score 8 | EPSS 0.09429
Exploits: 1 | References: 11

Vulnrichment
added 2025/01/15 10:58 a.m. | 11 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

AI score 8.8 | EPSS 0.09429
Exploits: 1 | References: 2

CVE
added 2025/01/15 10:58 a.m. | 363 views

CVE-2025-0434

CVE-2025-0434 describes an out-of-bounds memory access in V8 (Google Chrome/Chromium) prior to version 132.0.6834.83, potentially enabling heap corruption via a crafted HTML page and a remote attack. Mitigation: update to Chrome/Chromium 132.0.6834.83 or later; Debian security advisory confirms t...

CVSS 8.8 | AI score 6.9 | EPSS 0.09429
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2025/01/15 10:58 a.m. | 19 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EPSS 0.09429
Exploits: 1 | References: 2

Debian CVE
added 2025/01/15 10:58 a.m. | 11 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 8.2 | EPSS 0.09429
Exploits: 1

CVE
added 2024/05/29 3:30 a.m. | 17 views

CVE-2024-0434

CVE-2024-0434 affects the WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (versions ≤ 1.7.1). The vulnerability arises from a missing capability check in the ttbm_new_place_save function, enabling unauthenticated attackers to modify data and to publish new place posts. The iss...

CVSS 5.3 | AI score 5.5 | EPSS 0.00383
Exploits: 0 | References: 3

Patchstack
added 2024/05/29 12:0 a.m. | 7 views

WordPress WpTravelly Plugin <= 1.7.1 is vulnerable to Broken Access Control

Software: WpTravelly; Type: Plugin; Vulnerable versions: = 1.7.1; Fixed in: 1.7.2; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-0434; Patch priority: Low; CVSS severity: Low 5.3; Developer: Claim ownership; PSID: 6dc0f73102e1; Credits: Francesco Carlucci; Required privile...

CVSS 5.3 | AI score 6.6 | EPSS 0.00383
Exploits: 0 | References: 3 | Affected Software: 1

OpenVAS
added 2024/03/04 12:0 a.m. | 23 views

openSUSE: Security Advisory for mozilla (SUSE-SU-2023:0434-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 9.2 | EPSS 0.00249
Exploits: 0 | References: 2

Tenable Nessus
added 2024/01/25 12:0 a.m. | 38 views

RHEL 9 : curl (RHSA-2024:0434)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0434 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...

CVSS 6.5 | AI score 6.5 | EPSS 0.00219
Exploits: 1 | References: 5