Lucene search
+L

46 matches found

AlpineLinux
AlpineLinux
added 2024/10/15 9:15 p.m.22 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.1AI score0.00765EPSS
Exploits0
OSV
OSV
added 2024/10/15 9:15 p.m.2 views

DEBIAN-CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS8.2AI score0.00765EPSS
Exploits0References1
OSV
OSV
added 2024/10/15 9:15 p.m.16 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/10/15 9:15 p.m.8 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.2AI score0.00765EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/10/15 8:14 p.m.17 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS8.2AI score0.00765EPSS
Exploits0
Cvelist
Cvelist
added 2024/10/15 8:14 p.m.17 views

CVE-2024-9955

Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

0.00765EPSS
Exploits0References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2024/10/15 12:0 a.m.48 views

Stable Channel Update for Desktop

The Stable channel has been updated to 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 130.0.6723.59 for Windows and Mac whi...

8.8CVSS7.8AI score0.06295EPSS
Exploits3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.5 views

SUSE CVE-2016-9955

The SimpleSAMLXMLValidator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service memory consumption by leveraging improper conversion of return values to boolean...

6.3CVSS7AI score0.01188EPSS
Exploits0References3
NVD
NVD
added 2021/04/02 6:15 p.m.16 views

CVE-2020-9955

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution...

7.8CVSS0.01015EPSS
Exploits0References4
CVE
CVE
added 2021/04/02 5:19 p.m.96 views

CVE-2020-9955

CVE-2020-9955 is an ImageIO out-of-bounds write vulnerability in Apple platforms. Apple reports that processing a maliciously crafted image may lead to arbitrary code execution. Concrete details across connected sources show the issue affecting ImageIO on iOS 14.0 / iPadOS 14.0, tvOS 14.0, watchO...

7.8CVSS7.4AI score0.01015EPSS
Exploits0References4Affected Software5
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.51 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1205)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.7AI score0.05941EPSS
Exploits16References2
CVE
CVE
added 2019/04/22 7:38 p.m.95 views

CVE-2019-9955

Zyxel devices including ATP200/ATP500/ATP800, USG and ZyWALL series (e.g., USG20-VPN/USG1100/USG1900/ ZyWALL 110/310) are affected by CVE-2019-9955. The vulnerability is a reflected Cross-Site Scripting flaw on the security firewall login page caused by unsanitized mp_idx parameter in weblogin.cg...

6.1CVSS5.9AI score0.20861EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2019/04/16 12:0 a.m.95 views

Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting

Exploit for hardware platform in category web applications Exploit Title: Reflected XSS on Zyxel login pages Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE :...

0.1AI score0.20861EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/04/16 12:0 a.m.423 views

Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting

Exploit Title: Reflected XSS on Zyxel login pages Date: 10 Apr 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE : 2019-9955 1. Description ==============...

7.4AI score
Exploits0
CVE
CVE
added 2018/05/17 3:0 p.m.58 views

CVE-2018-9955

Foxit Reader 9.0.1.1049 is affected by CVE-2018-9955. The vulnerability resides in the XFA Button resolveNode method and is due to not validating the existence of an object before performing operations, enabling remote code execution under the current process when a user opens a malicious file/pa...

8.8CVSS8.8AI score0.02773EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2018/04/04 6:0 p.m.51 views

CVE-2014-9955

CVE-2014-9955 is an elevation-of-privilege vulnerability affecting Android, specifically in Qualcomm closed‑source components with the Android kernel as the platform. The connected CVE records confirm the issue is associated with Qualcomm closed‑source components and that fixes are not delivered ...

10CVSS8.7AI score0.0113EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2018/03/26 12:0 a.m.23 views

Debian: Security Advisory (DLA-1298-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.2AI score0.02424EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/03/06 12:0 a.m.27 views

Debian DLA-1298-1 : simplesamlphp security update

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2016-9814 & CVE-2016-9955 An incorrect check of return values in the signature validation utilities allowed an attacker to get invalid signatures accepted as valid i...

9.1CVSS7.5AI score0.02424EPSS
Exploits0References4
Debian
Debian
added 2018/03/02 11:11 a.m.85 views

[SECURITY] [DLA 1297-1] simplesamlphp security update

Package : simplesamlphp Version : 1.9.2-1+deb7u3 CVE ID : CVE-2016-9814 CVE-2016-9955 Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2016-9814 & CVE-2016-9955 An incorrect check of return values in the signature...

9.1CVSS8.5AI score0.02424EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/07/11 7:19 p.m.22 views

CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

5.5CVSS5.4AI score0.01062EPSS
Exploits0References1
Rows per page
Query Builder