Unspecified Vulnerability in SyroTech SY-GPON-1110-WDONT

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. A security vulnerability exists in the SyroTech SY-GPON-1110-WDONT that stems from improper implementation of a password policy. An attacker can exploit this vulnerability to launch further attacks on the system...

llama.cpp Denial of Service Vulnerability

llama.cpp is a multimodal model. A denial of service vulnerability exists in llama.cpp that stems from the inclusion of a null pointer dereference in ggufinitfromfile. An attacker could exploit this vulnerability to cause a denial of service...

Google Chrome Security Bypass Vulnerability (CNVD-2024-33609)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from an improper implementation of Fullscreen. An attacker can exploit the vulnerability to bypass security restrictions...

Apache CloudStack Security Bypass Vulnerability (CNVD-2024-33812)

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. A security bypass vulnerability exists in Apache CloudStack that stem...

LG Simple Editor Directory Traversal Arbitrary File Deletion Vulnerability (CNVD-2024-34035)

LG Simple Editor is a simple editor from Luckin LG Korea that creates new content by simplifying the process and instant playback on signage. A directory traversal arbitrary file deletion vulnerability exists in LG Simple Editor, which can be exploited by an attacker to delete a system by sending...

Apache Linkis Code Issue Vulnerability

Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability, the vulnerability stems from the data...

Mattermost Mobile Apps Security Vulnerability

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. A security vulnerability exists in Mattermost Mobile Apps version 2.16.0 and earlier, which stems from a failure to prevent misuse of globally shared MathJax state, allowing an attacker to change the content of a LateX...

Google Android Framework elevation of privilege vulnerability (CNVD-2024-37974)

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android Framework due to an error in a framework component that can be exploited by an attacker to gain elevated privileges on the system...

Mozilla Firefox for Android Elevation of Privilege Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox for Android suffers from an elevation of privilege vulnerability that is caused by an immediate interaction with a privilege prompt. An attacker can exploit the vulnerability to gain...

Google Android elevation of privilege vulnerability (CNVD-2024-45231)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by out-of-bounds writes in multiple functions of MessageQueueBase.h. The vulnerability can be exploited by an attacker to escalate privileges. An...

Microsoft Windows Secure Boot Security Feature Bypass Vulnerability (CNVD-2024-32551)

Microsoft Windows Secure Boot is a secure boot from Microsoft USA. A security feature bypass vulnerability exists in Microsoft Windows Secure Boot, which can be exploited by attackers to bypass security features...

D-Link DAP-2622 Buffer Overflow Vulnerability (CNVD-2024-32554)

The D-Link DAP-2622 is a wireless router from China-based AUO D-Link. The D-Link DAP-2622 suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute code in the root context...

Google Android elevation of privilege vulnerability (CNVD-2024-39685)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a flaw in setSkipPrompt in AssociationRequest.java. An attacker can exploit this vulnerability to escalate privileges...

Ffmpeg load_input_picture buffer overflow vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.0, which stems from a boundary error in loadinputpicture in libavcodec/mpegvideoenc.c:1216:21 when handling untrusted input. A...

Absolute Secure Access Security Vulnerability

Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.06. An attacker exploited the vulnerability resulting in a significant...

Dell Client Platform Authorization Issues Vulnerability

Dell Client platforms are a client platform from Dell USA. The Dell Client Platform suffers from an authorization issue vulnerability that stems from the presence of incorrect authorization, which can be exploited by an attacker to bypass BIOS authorization and modify settings in the BIOS...

IBM Db2 Denial of Service Vulnerability (CNVD-2025-01793)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service full vulnerability that can be exploited by an attacker to cau...

Lunary Authorization Issues Vulnerability

Lunary is lunary open source a production toolkit for LLM. Lunary has an authorization issue vulnerability that stems from the lack of proper authorization checks in the dataset deletion end node, which can be exploited by an attacker to delete any dataset...

PT-2024-4239 · Google +6 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.54 Microsoft Edge affected versions not specified Description: The issue is related to an inappropriate implementation in the Memory Allocator component of Google Chrome and Microsoft Edge browsers,...

WordPress GP Premium plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...