Lucene search
+L

17 matches found

osv
osv
added 2026/05/27 3:48 p.m.4 views

CVE-2026-44320 free5GC: NEF nnef-callback route group is unauthenticated; forged callback requests are accepted into the processing path

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-callback route group without inbound OAuth2/bearer-token authorization. A forged or arbitrary bearer token e.g. Authorization: Bearer not-a-real-token is enough to reach the SMF-callback...

7.3CVSS6.1AI score0.00241EPSS
Exploits1References5
euvd
euvd
added 2026/05/04 4:43 p.m.9 views

EUVD-2025-209631

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-3211

Malware in sbrugna...

7.5CVSS9.3AI score0.01694EPSS
Exploits0References9
susecve
susecve
added 2023/02/15 5:37 a.m.2 views

SUSE CVE-2013-2921

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering...

6.8CVSS9.6AI score0.01272EPSS
Exploits0References5
cve
cve
added 2020/07/09 2:39 p.m.262 views

CVE-2020-12419

CVE-2020-12419 describes a use-after-free in the browser/windowing code: during processing of callbacks in window flushing in the parent process, a window may die, leading to memory corruption and a potentially exploitable crash. Affected products in the provided docs include Thunderbird and Fire...

9.3CVSS8.4AI score0.02322EPSS
Exploits0References11Affected Software3
cvelist
cvelist
added 2020/07/09 2:39 p.m.19 views

CVE-2020-12419

When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and...

8.6AI score0.02322EPSS
Exploits0References11
packetstorm
packetstorm
added 2020/02/25 12:0 a.m.173 views

WordPress WooCommerce CardGate Payment Gateway 3.1.15 Bypass

Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com www.curopayments.com Software Link:...

0.1AI score0.04877EPSS
Exploits6
redhat
redhat
added 2014/10/14 7:22 a.m.4 views

chromium: multiple security fixes in Chrome 38.0.2125.101

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

7.5CVSS7.5AI score0.01694EPSS
Exploits0References5
nvd
nvd
added 2014/10/08 10:55 a.m.23 views

CVE-2014-3193

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

7.5CVSS7.1AI score0.01694EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2014/10/08 10:55 a.m.29 views

CVE-2014-3193

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

7.5CVSS7.3AI score0.01694EPSS
Exploits0References4
prion
prion
added 2014/10/08 10:55 a.m.19 views

Type confusion

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

7.5CVSS7.6AI score0.01694EPSS
Exploits0References5Affected Software5
cve
cve
added 2014/10/08 10:0 a.m.87 views

CVE-2014-3193

CVE-2014-3193 : Affected software is Google Chrome prior to 38.0.2125.101. Root cause is a type confusion issue in SessionService::GetLastSession used during callback processing, which can lead to a use-after-free and potentially other impact. The vulnerability enables denial of service and parti...

7.5CVSS7AI score0.01694EPSS
Exploits0References5Affected Software4
nvd
nvd
added 2013/10/02 10:35 a.m.19 views

CVE-2013-2921

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering...

6.8CVSS7AI score0.01272EPSS
Exploits0References8
prion
prion
added 2013/10/02 10:35 a.m.16 views

Double free

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering...

6.8CVSS7.6AI score0.01272EPSS
Exploits0References8Affected Software1
ubuntucve
ubuntucve
added 2013/10/02 10:35 a.m.28 views

CVE-2013-2921

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering...

6.8CVSS7.3AI score0.01272EPSS
Exploits0References4
cvelist
cvelist
added 2013/10/02 10:0 a.m.29 views

CVE-2013-2921

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering...

6.9AI score0.01272EPSS
Exploits0References8
debiancve
debiancve
added 2013/10/02 10:0 a.m.28 views

CVE-2013-2921

Removed by vendor...

6.8CVSS9.4AI score0.01272EPSS
Exploits0
Rows per page
Query Builder