134 matches found
CVE-2022-0440
The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high privivilege admin to upload an arbitrary PHP file and gain RCE even in the case of an hardened blog ie DISALLOWUNFILTEREDHTML, DISALLOWFILEEDIT and DISALLOWFILEMODS...
EUVD-2026-0440
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
CVE-2025-0440
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2020-0440
In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Linux Distros Unpatched Vulnerability : CVE-2025-0440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTM...
CVE-2024-0440
Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...
Fedora 40 : chromium (2025-4c65803ea6)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4c65803ea6 advisory. Update to 132.0.6834.83 High CVE-2025-0434: Out of bounds memory access in V8 High CVE-2025-0435: Inappropriate implementation in Navigation High...
Chromium: CVE-2025-0440 Inappropriate implementation in Fullscreen
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2025-0440
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0440 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2025-0440 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2025-0440
creationtimestamp| type| source ---|---|--- 2025-01-15 11:12:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1726 2025-01-15 11:15:52+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrnahto2q2t 2025-01-15 11:21:29+00:00| seen|...
CVE-2025-0440
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0440
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0440
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-0440
creationtimestamp| type| source ---|---|--- 2024-02-26 17:42:18+00:00| seen| https://t.me/ctinow/193540 2024-03-14 08:21:46+00:00| seen| https://t.me/ctinow/207533...
CVE-2024-0440
Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...
CVE-2024-0440
CVE-2024-0440 describes an SSRF-type flaw where an attacker with permission to submit a link or submit via POST a link using the file:// protocol can introspect host files and other relatively stored files. Affected exposure is described across multiple feeds; CVSS data vary by source (NVD: 3.1, ...
CVE-2024-0440 SSRF - file:// unsanitized access to underlying host files
Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...
CVE-2024-0440 SSRF - file:// unsanitized access to underlying host files
Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files...