20 matches found
PT-2026-38206
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in FedCM Federated Credential Management, an API that allows users to sign into websites using credentials from a third-party identity provide...
EUVD-2020-30336
Malware in sbrugna...
EUVD-2020-19540
Malware in sbrugna...
EUVD-2006-1942
Malware in sbrugna...
EUVD-2012-4362
Malware in sbrugna...
EUVD-2021-8256
Malicious code in bioql PyPI...
CVE-2025-24680
CVE-2025-24680 affects WordPress WP Multistore Locator (plugin) up to version 2.4.7 and is a cross-site scripting (XSS) issue caused by improper neutralization of script-related HTML tags in reflected input. Public sources consistently state the vulnerability is XSS (Reflected) and indicate remed...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-15364)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
The vulnerability of the ANGLE library in Google Chrome browsers allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the ANGLE library in Google Chrome browsers is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute arbitrary code through a specially created HTML page...
The vulnerability of the Frames component in Google Chrome browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Frames component in Google Chrome browsers relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through a specially crafted HTML page...
ROS-2-1624
2.1624 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to gain privileges to install programs, view, modify, or delete data, as well as create new user accounts with full user rights.
The vulnerability of the Windows Media Foundation component in Windows operating systems arises from operations that occur outside the buffer in memory. Exploiting this vulnerability can allow attackers to gain control over programs, access data, modify or delete data, and create new user account...
The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser allows a hacker to execute arbitrary code.
The vulnerability of the ChakraCore JavaScript script handler in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...
Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0037)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
Microsoft Internet Explorer SLayoutRun Use After Free (MS13-009) - High Confidence (CVE-2013-0025)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...
Internet Explorer Refresh Race Condition Memory Corruption (MS10-053; CVE-2010-2558; CVE-2011-1963)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that may have been corrupted due to a race condition. To trigger this issue, an attacker may create a malicious web page that will explo...
CVE-2004-1616
Links allows remote attackers to cause a denial of service memory consumption via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme...
PHP 4.x5.0.1 - PHP_Variables Remote Memory Disclosure
PHP 4.x5.0.1 - PHPVariables Remote Memory Disclosure source: https://www.securityfocus.com/bid/11334/info A vulnerability is reported to present itself in the array parsing functions of the 'phpvariables.c' PHP source file. The vulnerability occurs when a PHP script is being used to print URI...
Microsoft Internet Explorer 6 - '%USERPROFILE%' File Execution
source: https://www.securityfocus.com/bid/7826/info Microsoft Internet Explorer is prone to an issue which could permit an attacker to load a known, existing file in a user's temporary directory or possibly other directories in a user's profile. It is possible to exploit this issue via a maliciou...
Microsoft Security Bulletin MS02-069: Flaw in Microsoft VM Could Enable System Compromise (810030)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in Microsoft VM Could Enable System Compromise 810030 Date: 11 December 2002 Software: Microsoft VM Impact: Eight vulnerabilities, the most serious of which would enable an...