CVE-2025-13706 Tencent PatrickStar merge_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability

Tencent PatrickStar mergecheckpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent PatrickStar. User interaction is required to exploit this vulnerability in that the...

CVE-2024-13706

The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'file' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

CVE-2024-13706

CVE-2024-13706 affects the WordPress plugin WP Image Uploader, with versions up to and including 1.0.1 vulnerable to Reflected Cross‑Site Scripting via the file parameter. Root cause: insufficient input sanitization and output escaping. Impact: unauthenticated attackers could inject scripts in pa...

CVE-2024-13706 WP Image Uploader <= 1.0.1 - Reflected Cross-Site Scripting

The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'file' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

CVE-2019-13706

creationtimestamp| type| source ---|---|--- 2024-02-27 11:16:39+00:00| seen| https://t.me/ctinow/194234...

CVE-2021-34993

This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper...

CVE-2021-34993

CVE-2021-34993 is an authentication-bypass vulnerability in Commvault CommCell’s CVSearchService. Remote attackers can bypass authentication on affected installations (e.g., CommCell 11.22.22) due to lack of proper validation prior to authentication. Multiple sources (NVD description referencing ...

Security update for chromium, re2 (important)

openSUSE Security Update: Security update for chromium, re2 Announcement ID: openSUSE-SU-2020:0010-1 Rating: important References: 1154806 Cross-References: CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707...

CVE-2019-13706

Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

CVE-2019-13706

CVE-2019-13706 affects Chromium/Google Chrome PDFium: an out-of-bounds read in PDFium before 78.0.3904.70. This is reported as information disclosure in multiple sources. Impact is bounded to unauthorized data exposure via crafted PDFs. Remediation: upgrade to Chromium/Chrome 78.0.3904.70 or newe...

CVE-2019-13706

Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

RHEL 6 : chromium-browser (RHSA-2019:3759)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3759 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 78.0.3904.70. Security Fixes:...

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

CVE-2019-13706

Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 78 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 78.0.3904.70 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

CVE-2018-13706

CVE-2018-13706 affects the IdeaCoin Ethereum token. The mintToken function in the smart contract is vulnerable to an integer overflow, allowing the contract owner to set an arbitrary user’s balance to any value. Documents confirm the vulnerability exists in the contract’s token minting logic, wit...

CVE-2018-13706

The mintToken function of a smart contract implementation for IdeaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

CVE-2017-13706

XML external entity XXE vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery SSRF attacks, conduct internal port...

CVE-2017-13706

CVE-2017-13706 affects Lansweeper prior to 6.0.100.67. An XML External Entity (XXE) vulnerability exists in the deployment module's import package functionality, allowing remote authenticated users to access sensitive information, cause denial of service, conduct server-side request forgery (SSRF...

CVE-2017-13706

XML external entity XXE vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side request forgery SSRF attacks, conduct internal port...