Lucene search
K

5126 matches found

NVD
NVD
added 2024/07/26 3:15 p.m.13 views

CVE-2024-41670

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/26 2:46 p.m.17 views

CVE-2024-41670 PayPal Official Module for PrestaShop has Improperly Implemented Security Check for Standard

In the module "PayPal Official" for PrestaShop 7+ releases prior to version 6.4.2 and for PrestaShop 1.6 releases prior to version 3.18.1, a malicious customer can confirm an order even if payment is finally declined by PayPal. A logical weakness during the capture of a payment in case of disable...

7.5CVSS7.4AI score0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/26 11:34 a.m.28 views

CVE-2024-41684 Cookie Without Secure Flag Set Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system...

6.9CVSS6.9AI score0.00207EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.27 views

Google Chrome < 126.0.6367.182 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 126.0.6367.182. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop advisory. - Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182...

9.6CVSS7.7AI score0.00781EPSS
Exploits10References17
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.27 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0212-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0212-1 advisory. Chromium 126.0.6478.182 boo1227979: - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Us...

9.6CVSS7.7AI score0.00781EPSS
Exploits10References18
OSV
OSV
added 2024/07/22 9:12 a.m.16 views

OPENSUSE-SU-2024:0212-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 126.0.6478.182 boo1227979: - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Use after free in Screen Capture - CVE-2024-6775: Use after free in Media Stream - CVE-2024-6776: Use...

9.6CVSS8.1AI score0.00781EPSS
Exploits10References10
Amazon
Amazon
added 2024/07/22 12:0 a.m.3 views

Medium: wireshark

Issue Overview: Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture fil...

7.5CVSS7.2AI score0.01754EPSS
Exploits3
Amazon
Amazon
added 2024/07/22 12:0 a.m.2 views

Medium: wireshark

Issue Overview: Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file CVE-2022-3190 Memory handling issue in editcap could cause denial of service via crafted capture file...

7.5CVSS7.7AI score0.01754EPSS
Exploits3
OpenVAS
OpenVAS
added 2024/07/22 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2024-0273)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS7.9AI score0.00781EPSS
Exploits10References4
OSV
OSV
added 2024/07/21 8:15 a.m.1 views

CVE-2024-38438

D-Link - CWE-294: Authentication Bypass by Capture-replay...

9.8CVSS5.8AI score0.00661EPSS
Exploits0References1
NVD
NVD
added 2024/07/21 8:15 a.m.21 views

CVE-2024-38438

D-Link - CWE-294: Authentication Bypass by Capture-replay...

9.8CVSS0.00661EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/21 7:19 a.m.31 views

CVE-2024-38438 D-Link - CWE-294: Authentication Bypass by Capture-replay

D-Link - CWE-294: Authentication Bypass by Capture-replay...

9.8CVSS0.00661EPSS
Exploits0References1
CVE
CVE
added 2024/07/21 7:19 a.m.76 views

CVE-2024-38438

CVE-2024-38438 refers to a D-Link vulnerability described as CWE-294: Authentication Bypass by Capture-replay. The connected sources list a CVSS v3.1 base score of 9.8 (Network, Privileges Required: None, User Interaction: None, Scope: Unchanged) with High impact on Confidentiality, Integrity, an...

9.8CVSS9.6AI score0.00661EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/21 12:0 a.m.23 views

Fedora 40 : chromium (2024-2a56aeb66b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2a56aeb66b advisory. update to 126.0.6478.182 High CVE-2024-6772: Inappropriate implementation in V8 High CVE-2024-6773: Type Confusion in V8 High CVE-2024-6774: Use aft...

9.6CVSS7.7AI score0.00781EPSS
Exploits10References9
Mageia
Mageia
added 2024/07/20 9:22 p.m.42 views

Updated chromium-browser-stable packages fix security vulnerabilities

Inappropriate implementation in V8. CVE-2024-6772 Type Confusion in V8. CVE-2024-6773 Use after free in Screen Capture. CVE-2024-6774 Use after free in Media Stream. CVE-2024-6775 Use after free in Audio. CVE-2024-6776 Use after free in Navigation. CVE-2024-6777 Race in DevTools. CVE-2024-6778 Ou...

9.6CVSS7.8AI score0.00781EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2024/07/20 12:0 a.m.22 views

Fedora 39 : chromium (2024-d9916cb7e2)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d9916cb7e2 advisory. update to 126.0.6478.182 High CVE-2024-6772: Inappropriate implementation in V8 High CVE-2024-6773: Type Confusion in V8 High CVE-2024-6774: Use aft...

9.6CVSS7.7AI score0.00781EPSS
Exploits10References9
Microsoft CVE
Microsoft CVE
added 2024/07/18 5:33 p.m.22 views

Chromium: CVE-2024-6774 Use after free in Screen Capture

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.5AI score0.00473EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2024/07/18 2:48 a.m.1 views

SUSE CVE-2024-6774

Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.2AI score0.00473EPSS
Exploits1References7
CNVD
CNVD
added 2024/07/18 12:0 a.m.3 views

Unspecified Vulnerability in Google Chrome (CNVD-2024-35185)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from a post-release usage issue found in the Screen Capture module. No details of the vulnerability are provided at this time...

8.8CVSS6.4AI score0.00473EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/07/17 12:0 a.m.19 views

Google Chrome Security Update (stable-channel-update-for-desktop-2024-07) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

9.6CVSS8.1AI score0.00781EPSS
Exploits11References1
Rows per page
Query Builder