CVE-2026-0999 Authentication bypass via userID login when email and username login are disabled

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 fail to properly validate login method restrictions which allows an authenticated user to bypass SSO-only login requirements via userID-based authentication. Mattermost Advisory ID: MMSA-2025-00548...

CVE-2022-0999

An authenticated user may be able to misuse parameters to inject arbitrary operating system commands into mySCADA myPRO versions 8.25.0 and prior...

CVE-2023-0999

A vulnerability classified as problematic was found in SourceCodester Sales Tracker Management System 1.0. This vulnerability affects unknown code of the file admin/?page=user/list. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been...

CVE-2021-0999

In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP bluetooth device connection state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2020-0999

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-099...

CVE-2012-0999

SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...

Mageia: Security Advisory (MGASA-2025-0091)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-0999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

electron{32,33} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2025-0611. Security: backported fix for CVE-2025-0612. Security: backported fix for CVE-2025-0999...

Microsoft Edge (Chromium-Based) < 133.0.3065.82 Multiple Vulnerabilities (Feb 2025)

Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Fedora: Security Advisory (FEDORA-2025-c0c371a0b6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Chromium: CVE-2025-0999 Heap buffer overflow in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-0999

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 11 security bugs in Chromium: CVE-2024-11477: 7-Zip Zstd decompression integer underflow CVE-2025-0762: Use after free in DevTools CVE-2025-0996: Inappropriate implementation in Browser UI CVE-2025-0998: Out of bounds memory access in V8...

CVE-2025-0999

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-0999

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-0999

Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-0999

CVE-2025-0999 is a real vulnerability affecting Google Chrome's V8 engine, with a heap buffer overflow in V8 prior to 133.0.6943.126 that could allow a remote attacker to trigger heap corruption via a crafted HTML page. Public advisories consistently tie this to high severity and potential arbitr...

CVE-2025-0999

creationtimestamp| type| source ---|---|--- 2025-02-19 04:04:10+00:00| seen| https://bsky.app/profile/dinosn.bsky.social/post/3liivgm3xxs2f 2025-02-19 05:49:47+00:00| seen| https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lij3dmnexc26 2025-02-19 14:31:41+00:00| seen|...

Google Chrome Security Update (stable-channel-update-for-desktop_18-2025-02) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...