13 matches found
CVE-2026-13874
Race in DataTransfer in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13874
CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...
Linux Distros Unpatched Vulnerability : CVE-2025-13874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...
CVE-2025-13874
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with Guest permissions to view issues in projects they were not authorized to access...
CVE-2025-13874
CVE-2025-13874 affects GitLab CE/EE campaigns: all versions from 15.1 prior to 18.9.7, 18.10 prior to 18.10.6, and 18.11 prior to 18.11.3 could allow an authenticated user with Guest permissions to view issues in projects they were not authorized to access. The issue is described as an Authorizat...
CVE-2024-13874
The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13874
The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Linux Distros Unpatched Vulnerability : CVE-2018-13874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FDsec2read in H5FDsec2.c, related to HDmemset...
CVE-2018-13874
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FDsec2read in H5FDsec2.c, related to HDmemset...
UBUNTU-CVE-2018-13874
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FDsec2read in H5FDsec2.c, related to HDmemset...
CVE-2018-13874
CVE-2018-13874 affects the HDF5 1.8.20 library with a stack-based buffer overflow in H5FD_sec2_read (H5FDsec2.c), related to HDmemset. Public details in provided documents confirm the vulnerability, its impact (per CVSS: critical/ HIGH), and exposure over a network with no authentication, but no ...
CVE-2017-13874
An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail" component. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection...
CVE-2017-13874
CVE-2017-13874 affects iOS before 11.2 (Mail). The issue arises from incorrect S/MIME certificate selection, which may allow a remote attacker to bypass the intended encryption protection mechanism. Technical details show the vulnerability lies in the Mail component’s handling of S/MIME certifica...