Lucene search
K

99 matches found

OSV
OSV
added 2024/11/27 6:15 p.m.14 views

CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

9.6CVSS6AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2024/11/19 12:0 a.m.11 views

Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00236EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/08/22 3:12 a.m.3 views

SUSE CVE-2024-7974

Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS7.1AI score0.0046EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/18 12:0 a.m.2 views

PT-2024-6810 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 129.0.6668.58 Microsoft Edge affected versions not specified Description: The issue is related to insufficient data validation in the Omnibox feature of Google Chrome and Microsoft Edge browsers. This could all...

8.8CVSS5.6AI score0.00472EPSS
Exploits2References54
Zero Day Initiative
Zero Day Initiative
added 2024/08/13 12:0 a.m.7 views

Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS6.8AI score0.03901EPSS
Exploits0References1
CNVD
CNVD
added 2024/07/18 12:0 a.m.10 views

Unspecified Vulnerability in Google Chrome (CNVD-2024-35099)

Google Chrome is a web browser from Google, an American company. Google Chrome has a security vulnerability that stems from an insufficient data validation issue found in the Permission Prompts module. No details of the vulnerability are provided at this time...

9.6CVSS6.5AI score0.00319EPSS
Exploits1References1
OSV
OSV
added 2024/05/14 9:37 a.m.6 views

SUSE-SU-2024:1635-2 Security update for tpm2-0-tss

This update for tpm2-0-tss fixes the following issues: - CVE-2024-29040: Fixed quote data validation by FapiVerifyQuote bsc1223690...

4.3CVSS4.7AI score0.00346EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.25 views

Sante DICOM Viewer Pro 安全漏洞

Santesoft Sante DICOM Viewer Pro is a powerful viewer, anonymizer, converter and PACS client from Santesoft Cyprus. Works with DICOM files of all models and manufacturers. A security vulnerability exists in Sante DICOM Viewer Pro, which stems from a lack of proper validation of user-supplied data...

8.8CVSS8AI score0.00916EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/02/20 6:43 p.m.7 views

CVE-2023-6247

The PKCS7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing...

6.5CVSS6.5AI score0.00778EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2024/02/12 12:0 a.m.10 views

Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...

7.8CVSS7.2AI score0.00554EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/10 12:0 a.m.36 views

CVE-2024-0333

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. Chromium security severity: High...

5.3CVSS6.1AI score0.00429EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/18 12:0 a.m.8 views

CVE-2022-4235

RushBet version 2022.23.1-b490616d allows a remote attacker to steal customer accounts via use of a malicious application. This is possible because the application exposes an activity and does not properly validate the data it receives...

5.8AI score0.00566EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.5 views

CVE-2022-41705

Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users...

9.8AI score0.01813EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/25 12:0 a.m.6 views

CVE-2022-41711

Badaso version 2.6.0 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users...

9.8AI score0.01551EPSS
Exploits1References2
CNVD
CNVD
added 2022/08/19 12:0 a.m.9 views

OTFCC Buffer Overflow Vulnerability (CNVD-2024-08544)

OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A buffer overflow vulnerability exists in OTFCC version 0.10.4, which stems from a lack of proper validation of user-supplied data in the /release-x64/otfccdump+0x6b0478 file, and can be...

9.8CVSS7AI score0.01181EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/03/30 12:0 a.m.4 views

PT-2022-3234 · Nvidia · Nvidia Jetson Linux Driver Package

Name of the Vulnerable Software and Affected Versions: NVIDIA Jetson Linux Driver Package affected versions not specified Description: The issue is related to insufficient validation of untrusted data in the Cboot ext4 mount function, which may allow a highly privileged local attacker to cause an...

5CVSS5.3AI score0.00197EPSS
Exploits0References7
OSV
OSV
added 2022/02/11 11:15 p.m.5 views

CVE-2021-4098

Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

7.4CVSS8.7AI score
Exploits0References2
Cvelist
Cvelist
added 2022/01/13 9:43 p.m.36 views

CVE-2021-34887

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS3.6AI score0.01603EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.4 views

Ibm Security Risk Manager on Cp4S 安全漏洞

Ibm Security Risk Manager on Cp4S is a security risk manager from Ibm USA. A security vulnerability exists in Ibm Security Risk Manager on Cp4S, which stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

4.9CVSS6AI score0.00506EPSS
Exploits0References3
CNVD
CNVD
added 2021/07/16 12:0 a.m.7 views

Unspecified Vulnerability in D-Link DAP-1330

D-Link DAP-1330 is a network device a WIFI device from AUO D-Link, Taiwan, China. A security vulnerability exists in the D-Link DAP-1330 1.13B01 BETA, which stems from a lack of proper validation of the length of user-supplied data before copying it to a stack-based fixed-length buffer. An attack...

8.8CVSS7.1AI score0.02333EPSS
Exploits0References1
Rows per page
Query Builder