5610 matches found

OSV
added 2025/06/24 8:15 p.m. | 1 view

DEBIAN-CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4 | AI score 5.6 | EPSS 0.00157
Exploits: 0 | References: 1

AlpineLinux
added 2025/06/24 8:3 p.m. | 4 views

CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4 | AI score 6.5 | EPSS 0.00157
Exploits: 0

CNNVD
added 2025/06/24 12:0 a.m. | 2 views

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient policy enforcement in the Loader component, which can be exploited by an attacker to bypass content security policies...

CVSS 5.4 | AI score 6.6 | EPSS 0.00157
Exploits: 0 | References: 5

Tenable Nessus
added 2025/06/24 12:0 a.m. | 7 views

Google Chrome < 138.0.7204.49 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 138.0.7204.49. It is, therefore, affected by multiple vulnerabilities as referenced in the 202506stable-channel-update-for-desktop24 advisory. - Insufficient data validation in DevTools in Google Chrome on Windows prior t...

CVSS 5.4 | AI score 6.4 | EPSS 0.00177
Exploits: 0 | References: 7

RedHat Linux
added 2025/06/23 3:45 a.m. | 4 views

glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen, including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo, may incorrectly search LD_LIBRARY_PATH to determine which library to load, allowing a local attacker to load...

CVSS 7.8 | AI score 7.3 | EPSS 0.0039
Exploits: 1 | References: 8

IBM Security Bulletins
added 2025/06/20 6:48 a.m. | 3 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to prototype pollution due to webpack loader-utils (CVE-2022-37601)

Summary: Potential vulnerabilities in the webpack loader-utils module have been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details: CVEID: CVE-2022-37601. DESCRIPTION: Prototype pollution vulnerability in function parseQuery in parseQuery....

CVSS 9.8 | AI score 9 | EPSS 0.02601
Exploits: 1 | Affected Software: 1

BDU FSTEC
added 2025/06/20 12:0 a.m. | 6 views

The vulnerability of the UFS loader component of the Grub2 operating system, which allows a hacker to trigger a service failure

The vulnerability of the UFS loader component in operating systems like Grub relates to writing beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 7.8 | AI score 6.7 | EPSS 0.00318
Exploits: 0 | References: 11 | Affected Software: 6

BDU FSTEC
added 2025/06/20 12:0 a.m. | 4 views

The vulnerability of the hfs loader component in Grub2 operating systems allows a hacker to trigger a service failure.

The vulnerability of the hfs loader component in the Grub operating system is related to writing beyond the boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 7.8 | AI score 6.7 | EPSS 0.00371
Exploits: 0 | References: 9 | Affected Software: 4

BDU FSTEC
added 2025/06/20 12:0 a.m. | 5 views

The vulnerability of the gettext loader component in the Grub2 operating system allows a hacker to execute arbitrary code.

The vulnerability of the gettext loader component in operating system Grub is related to integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 7 | EPSS 0.00231
Exploits: 0 | References: 8 | Affected Software: 6

SUSE CVE
added 2025/06/19 3:45 a.m. | 1 view

SUSE CVE-2022-49951

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister. In the following code within firmware_upload_unregister, the call to device_unregister could result in the dev_release function freeing the fw_upload_priv structure before it is...

CVSS 5.5 | AI score 6 | EPSS 0.00207
Exploits: 0 | References: 6

SUSE CVE
added 2025/06/19 3:42 a.m. | 1 view

SUSE CVE-2022-50069

In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpf_sys_bpf. The bpf_sys_bpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case the argument union bpf_attr pointer as well as the insn...

CVSS 5.5 | AI score 5.8 | EPSS 0.00195
Exploits: 0 | References: 3

BDU FSTEC
added 2025/06/19 12:0 a.m. | 7 views

The vulnerability of the PackLinuxElf64::un_DT_INIT() function in the src/p_lx_elf.cpp file of the UPX executable file loader allows an attacker to cause a service failure.

The vulnerability of the PackLinuxElf64::un_DT_INIT function in the src/p_lx_elf.cpp file of the UPX executable file loader is related to buffer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 5.9 | EPSS 0.00274
Exploits: 1 | References: 8 | Affected Software: 4

The Hacker News
added 2025/06/18 3:41 p.m. | 18 views

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been codenamed SERPENTINECLOUD by Securonix. It leverages "the Cloudflare Tunnel infrastructure and Python-based...

AI score 7.4
Exploits: 0

NVD
added 2025/06/18 11:15 a.m. | 6 views

CVE-2022-49951

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister. In the following code within firmware_upload_unregister, the call to device_unregister could result in the dev_release function freeing the fw_upload_priv structure before it is...

CVSS 7.8 | EPSS 0.00207
Exploits: 0 | References: 2

OSV
added 2025/06/18 11:15 a.m. | 3 views

DEBIAN-CVE-2022-49951

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister. In the following code within firmware_upload_unregister, the call to device_unregister could result in the dev_release function freeing the fw_upload_priv structure before it is...

CVSS 7.8 | AI score 5.3 | EPSS 0.00207
Exploits: 0 | References: 1

OSV
added 2025/06/18 11:15 a.m. | 3 views

DEBIAN-CVE-2022-49949

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix memory leak in firmware upload. In the case of firmware-upload, an instance of struct fw_upload is allocated in firmware_upload_register. This data needs to be freed in fw_dev_release. Create a new fw_upload_free...

CVSS 5.5 | AI score 5.3 | EPSS 0.00179
Exploits: 0 | References: 1

OSV
added 2025/06/18 11:15 a.m. | 1 view

UBUNTU-CVE-2022-49949

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix memory leak in firmware upload. In the case of firmware-upload, an instance of struct fw_upload is allocated in firmware_upload_register. This data needs to be freed in fw_dev_release. Create a new fw_upload_free...

CVSS 5.5 | AI score 6 | EPSS 0.00179
Exploits: 0 | References: 4

OSV
added 2025/06/18 11:15 a.m. | 5 views

UBUNTU-CVE-2022-50105

In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader. of_find_node_by_path returns remote device nodepointer with refcount incremented, we should use of_node_put on it when done. Add missing of_node_put to avoid refcount leak...

CVSS 5.5 | AI score 5.9 | EPSS 0.00156
Exploits: 0 | References: 10

OSV
added 2025/06/18 11:2 a.m. | 5 views

CVE-2022-50105 powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader

In the Linux kernel, the following vulnerability has been resolved: powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader. of_find_node_by_path returns remote device nodepointer with refcount incremented, we should use of_node_put on it when done. Add missing of_node_put to avoid refcount leak...

CVSS 5.5 | AI score 6.2 | EPSS 0.00156
Exploits: 0 | References: 11

OSV
added 2025/06/18 11:0 a.m. | 7 views

CVE-2022-49951 firmware_loader: Fix use-after-free during unregister

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister. In the following code within firmware_upload_unregister, the call to device_unregister could result in the dev_release function freeing the fw_upload_priv structure before it is...

CVSS 7.8 | AI score 5.6 | EPSS 0.00207
Exploits: 0 | References: 5