Google Chrome Security Bypass Vulnerability (CNVD-2023-08277)

Google Chrome is a web browser from Google, Inc. A security bypass vulnerability exists in Google Chrome, which stems from improper implementation in navigation. An attacker could exploit this vulnerability to bypass security restrictions...

CVE-2022-4174

Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Libarchive Code Execution Vulnerability

libarchive is a multi-format archive and compression library. libarchive A code execution vulnerability exists in libarchive version 3.6.1, which stems from a failure to check for errors after calling the calloc function, i.e., if the function fails, the calloc function returns a NULL pointer,...

The vulnerability of the Linux operating system’s kernel, related to errors in resource release, allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s kernel is related to errors during resource release. Exploiting this vulnerability allows an attacker to cause service failures...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow is vulnerable to an input validation error that could be exploited by an attacker to cause a denial of service...

kavita 授权问题漏洞

kavita is a fast, feature-rich, cross-platform reading server. An authorization issue vulnerability exists in versions prior to kavita 0.6.0.3, which can be exploited by an attacker to...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2023-53906)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A remote code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute code on the target host...

Microsoft Exchange Server Elevation of Privilege Vulnerability (CNVD-2023-51378)

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker can...

CVE-2022-3885

Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Democritus Project d8s-strings code execution vulnerability

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. Democritus Project d8s-strings has a security vulnerability that stems from its inclusion of a potential code execution backdoor inserted by a third party. An attacker could...

Cleo 安全漏洞

Cleo is used to create beautiful and testable command line interfaces. A security vulnerability exists in Cleo. An attacker could exploit this vulnerability to cause a denial of service...

Microsoft Excel 安全漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A security feature bypass vulnerability exists in Microsoft Excel. An attacker can exploit this vulnerability to bypass security features...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS. An attacker exploits the vulnerability to modify desktop module data...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS. An attacker exploiting this vulnerability could cause availability to be compromised...

The vulnerability of the iscsicpl.exe executable file of the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the iscsicpl.exe executable file in Windows operating systems is related to the possibility of replacing the DLL file. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Adobe Photoshop graphic editor lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4. An attacker exploited the vulnerability to cause a memory leak...

Apple watchOS 安全漏洞

Apple watchOS is an operating system for smartwatches from Apple. A security vulnerability exists in Apple watchOS. An attacker could exploit this vulnerability to modify protected portions of the file system...

The vulnerability of Zoom’s video conferencing software, related to the handling of the zero pointer, allows a hacker to cause a service failure.

The vulnerability of Zoom video conferencing software relates to the handling of the zero pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

Bento4 AP4_Atom::TypeFromString Buffer Overflow Vulnerability

Bento4 is an open source C++ library for reading and writing MP4 files. A buffer error vulnerability exists in Bento4 v1.6.0-639, which stems from a heap overflow in the AP4Atom::TypeFromString function of the mp4tag component, and can be exploited by an attacker to compromise the confidentiality...