105 matches found
CVE-2025-9132
CVE-2025-9132 concerns Google Chrome’s V8 engine: an out-of-bounds write can lead to heap corruption when processing crafted HTML pages. The vulnerability affects Chrome/Chromium prior to version 139.0.7258.138. Impact is described as potential arbitrary code execution/heap damage, with a High se...
Linux Distros Unpatched Vulnerability : CVE-2018-6121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2017-5115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2016-5219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to...
The vulnerability of the MediaStream interface in Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the MediaStream interface in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using a specially crafted HTML page...
CVE-2025-6248
A cross-site scripting XSS vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content...
CVE-2022-0180
Cross-site request forgery CSRF vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page...
CVE-2005-2143
Microsoft Front Page allows attackers to cause a denial of service crash via a crafted style tag in a web page...
CVE-2025-1935
A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
PT-2025-9660 · Mozilla +10 · Firefox +10
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 136 Firefox ESR versions prior to 128.8 Description: A web page could trick a user into setting that site as the default handler for a custom URL protocol. Recommendations: For Firefox versions prior to 136, update t...
The vulnerability of the Blink rendering module in Microsoft Edge and Google Chrome browsers allows attackers to compromise the integrity of protected information.
The vulnerability of the Blink rendering module in Microsoft Edge and Google Chrome browsers is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected information through a specially...
The vulnerability of the Tinode Chat messaging platform, which allows a hacker to perform a CSRF attack
The vulnerability of the Tinode Chat messaging platform is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack using a specially created web page...
PT-2023-7687 · Google +5 · Google Chrome +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.109 Description: The issue is related to a use after free vulnerability in the libavif library of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a craft...
The vulnerability of the Installer component in the Google Chrome browser allows a hacker to bypass existing security restrictions.
The vulnerability of the Google Chrome browser’s Installer component is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially created HTML page...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server programs lies in their lack of access control mechanisms, allowing attackers to increase their privileges.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created...
The vulnerability of Google Chrome’s Safe Browsing service allows a hacker to disclose protected information.
The vulnerability of Google Chrome’s Safe Browsing service exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to disclose protected information through a specially created web page...
Microsoft Excel Spoofing
Title: Microsoft Excel Spoofing Vulnerability Author: nu11secur1ty Date: 04.06.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/ CVE-2023-23398 Description: The attack itself is...
The vulnerability of the cross-platform software development framework Qt, related to resource management errors, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the cross-platform software development framework Qt is related to resource management errors. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures through a specially created web page...
The vulnerability of the Assistant web browser component of Google Chrome, which allows a hacker to disclose protected information
The vulnerability of the Assistant web browser component of Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information through a specially created web page...
The vulnerability of the Media components in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability of the Media component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...