1176 matches found
ROS-20251217-7306
A vulnerability in the Omnibox component of the Google Chrome browser is related to the implementation of an incorrect control flow. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information...
ROS-20251215-7306
A vulnerability in the perl-Crypt-OpenSSL-RSA package of Red Hat Enterprise Linux operating systems is related to information disclosure through a mismatch. Exploitation of the vulnerability could allow an attacker acting remotely to implement the Bleichenbacher attack...
webkit: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
Arbitrary File Read via Absolute Path Input in nltk.util.filestring() enabling Local & Remote File Disclosure
This report is not public...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
PT-2025-49758
Name of the Vulnerable Software and Affected Versions Tenda AC9 version 15.03.05.14 multi Description A flaw exists in Tenda AC9 version 15.03.05.14 multi related to an unknown functionality within the /cgi-bin/DownloadCfg.jpg file of the Configuration File Handler component. This issue allows fo...
CVE-2025-48592
In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48592
In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48592
CVE-2025-48592 describes a vulnerability in the C2SoftDav1dDec.cpp decoder where in initDecoder there is an out-of-bounds read caused by a heap buffer overflow. This can lead to remote information disclosure without extra privileges or user interaction. The available connected sources (Red Hat, E...
CVE-2025-14197
A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...
webkit: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser...
Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkit: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS CVE-2025-13502 webkitgtk: Processing maliciously crafted web content may lead to memory...
CVE-2025-14197
A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...
CVE-2025-13947 Webkit: webkitgtk: remote user-assisted information disclosure via file drag-and-drop
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser...
CVE-2025-13947
A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser...
WebKitGTK 安全漏洞
WebKitGTK is a full-featured port of the WebKit rendering engine for projects that require any type of web integration, from hybrid HTML / CSS applications to full-fledged web browsers. It provides the full functionality of WebKit for a wide range of systems from desktop computers to embedded...
PT-2025-48801
Name of the Vulnerable Software and Affected Versions WebKitGTK affected versions not specified Description A security issue exists in WebKitGTK that could allow remote, user-assisted information disclosure. The issue involves the file drag-and-drop mechanism, where WebKitGTK does not properly...
CVE-2025-13804
A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler...