Lucene search
K

99 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:21 a.m.5 views

CVE-2024-7256

Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.3AI score0.00549EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:39 p.m.8 views

CVE-2022-2798

The Affiliates Manager WordPress plugin before 2.9.14 does not validate and sanitise the affiliate data, which could allow users registering as affiliate to perform CSV injection attacks against an admin exporting the data...

8CVSS7AI score0.0095EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 p.m.8 views

CVE-2020-26995

A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing of SGI and RGB files. This could result in an out of bounds write past the end of an allocated structur...

8.8CVSS7AI score0.03492EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 p.m.6 views

CVE-2020-11218

Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...

7.5CVSS7.2AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.9 views

CVE-2019-10506

While processing QCANL80211VENDORSUBCMDAVOIDFREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago...

7.8CVSS7.3AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2025/05/01 2:5 p.m.85 views

CVE-2025-23254

NVIDIA TensorRT-LLM (TensorRT-LLM Python executor) contains a data-validation vulnerability that can be exploited with local access to the TRTLLM server to achieve code execution, information disclosure, and data tampering. The CVE-2025-23254 entries across NVD/CVE lists describe a Python-executo...

8.8CVSS8.2AI score0.00249EPSS
Exploits0References1
CNVD
CNVD
added 2025/04/30 12:0 a.m.2 views

ZTE GoldenDB SQL Injection Vulnerability

ZTE GoldenDB is a financial-grade transactional distributed database from China's ZTE Corporation ZTE. It is used in finance, government and enterprise, telecom and other industries to provide highly available data services. ZTE GoldenDB suffers from a SQL injection vulnerability that originates...

7.5CVSS7.3AI score0.0029EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.27 views

Google Chrome < 136.0.7103.48 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 136.0.7103.48. It is, therefore, affected by multiple vulnerabilities as referenced in the 202504stable-channel-update-for-desktop29 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...

9.8CVSS7.7AI score0.0058EPSS
Exploits0References9
CNVD
CNVD
added 2025/04/18 12:0 a.m.2 views

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21429)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

8.5CVSS7.3AI score0.00277EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-9963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestur...

4.3CVSS6.2AI score0.00268EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2024-8907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific ...

6.1CVSS8.3AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-16035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process ...

8.8CVSS8.1AI score0.00996EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2019-10895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data...

7.5CVSS6.7AI score0.05803EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/06 4:43 a.m.16 views

CVE-2021-31499

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.01419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 1:42 a.m.10 views

CVE-2022-43618

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS6.8AI score0.00873EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:53 a.m.15 views

CVE-2022-3378

Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory...

7.8CVSS7.6AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:45 p.m.12 views

CVE-2022-40644

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

7.8CVSS6.8AI score0.00519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:3 p.m.7 views

CVE-2019-13322

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

8.8CVSS6.9AI score0.02554EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:18 p.m.16 views

CVE-2020-8860

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O8.x, P9.0, Q10.0 devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The...

8CVSS7.2AI score0.00714EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 10:18 a.m.14 views

CVE-2024-12212

The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures, resulting in execution of arbitrary code...

8.5CVSS7.1AI score0.00205EPSS
Exploits0References1
Rows per page
Query Builder