99 matches found
CVE-2024-9369
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
SUSE CVE-2024-7974
Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
PT-2024-6810 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 129.0.6668.58 Microsoft Edge affected versions not specified Description: The issue is related to insufficient data validation in the Omnibox feature of Google Chrome and Microsoft Edge browsers. This could all...
Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
Unspecified Vulnerability in Google Chrome (CNVD-2024-35099)
Google Chrome is a web browser from Google, an American company. Google Chrome has a security vulnerability that stems from an insufficient data validation issue found in the Permission Prompts module. No details of the vulnerability are provided at this time...
SUSE-SU-2024:1635-2 Security update for tpm2-0-tss
This update for tpm2-0-tss fixes the following issues: - CVE-2024-29040: Fixed quote data validation by FapiVerifyQuote bsc1223690...
Sante DICOM Viewer Pro 安全漏洞
Santesoft Sante DICOM Viewer Pro is a powerful viewer, anonymizer, converter and PACS client from Santesoft Cyprus. Works with DICOM files of all models and manufacturers. A security vulnerability exists in Sante DICOM Viewer Pro, which stems from a lack of proper validation of user-supplied data...
CVE-2023-6247
The PKCS7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing...
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...
CVE-2024-0333
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. Chromium security severity: High...
CVE-2022-4235
RushBet version 2022.23.1-b490616d allows a remote attacker to steal customer accounts via use of a malicious application. This is possible because the application exposes an activity and does not properly validate the data it receives...
CVE-2022-41705
Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users...
CVE-2022-41711
Badaso version 2.6.0 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users...
OTFCC Buffer Overflow Vulnerability (CNVD-2024-08544)
OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A buffer overflow vulnerability exists in OTFCC version 0.10.4, which stems from a lack of proper validation of user-supplied data in the /release-x64/otfccdump+0x6b0478 file, and can be...
PT-2022-3234 · Nvidia · Nvidia Jetson Linux Driver Package
Name of the Vulnerable Software and Affected Versions: NVIDIA Jetson Linux Driver Package affected versions not specified Description: The issue is related to insufficient validation of untrusted data in the Cboot ext4 mount function, which may allow a highly privileged local attacker to cause an...
CVE-2021-4098
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
CVE-2021-34887
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Ibm Security Risk Manager on Cp4S 安全漏洞
Ibm Security Risk Manager on Cp4S is a security risk manager from Ibm USA. A security vulnerability exists in Ibm Security Risk Manager on Cp4S, which stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...
Unspecified Vulnerability in D-Link DAP-1330
D-Link DAP-1330 is a network device a WIFI device from AUO D-Link, Taiwan, China. A security vulnerability exists in the D-Link DAP-1330 1.13B01 BETA, which stems from a lack of proper validation of the length of user-supplied data before copying it to a stack-based fixed-length buffer. An attack...