ECHO-D94C-0448-6A95

Bulletin has no description...

WP Helper Lite < 4.3 - Cross-Site Scripting

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability. id: CVE-2023-0448 info: name: WP Helper Lite 4.3 - Cross-Site Scripting author: ritikchaddha severity: medium description: | T...

CVE-2022-0448

The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

CVE-1999-0448

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request...

EUVD-2026-0448

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Linux Distros Unpatched Vulnerability : CVE-2017-0448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels...

Linux Distros Unpatched Vulnerability : CVE-2021-0448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2021-0448 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable...

Linux Distros Unpatched Vulnerability : CVE-2025-0448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

Fedora 40 : chromium (2025-4c65803ea6)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4c65803ea6 advisory. Update to 132.0.6834.83 High CVE-2025-0434: Out of bounds memory access in V8 High CVE-2025-0435: Inappropriate implementation in Navigation High...

Chromium: CVE-2025-0448 Inappropriate implementation in Compositing

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-0448 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2025-0448

creationtimestamp| type| source ---|---|--- 2025-01-15 11:09:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1720 2025-01-15 11:16:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrnavzlzx2f 2025-01-15 11:51:31+00:00| seen|...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-0448

Summary of CVE-2025-0448 : In Google Chrome/Chromium, an inappropriate implementation in the Compositing pipeline allowed a remote attacker to perform UI spoofing via a crafted HTML page. The issue is tied to Chrome/Chromium’s UI/compositing code and is listed among Chrome security fixes for vers...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2023-0448

creationtimestamp| type| source ---|---|--- 2024-10-24 04:50:29+00:00| published-proof-of-concept| https://t.me/codeb0ss/974...

CVE-2024-0448

creationtimestamp| type| source ---|---|--- 2024-02-05 23:31:34+00:00| seen| https://t.me/ctinow/179602 2024-02-18 15:11:57+00:00| seen| https://t.me/ctinow/187270...

CVE-2024-0448

CVE-2024-0448 affects the Elementor Addons by Livemesh plugin for WordPress (versions up to and including 8.3.1). The underlying issue is Stored Cross-Site Scripting via the widget URL parameters caused by insufficient input sanitization and output escaping, allowing authenticated attackers with ...