5834 matches found
CVE-2022-28684
This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation of...
CVE-2022-40651
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
CVE-2022-40644
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
CVE-2019-13322
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...
CVE-2019-17136
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-10910
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-8860
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O8.x, P9.0, Q10.0 devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The...
CVE-2024-12212
The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures, resulting in execution of arbitrary code...
CVE-2024-51550
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
The vulnerability of Android operating systems, related to insufficient validation of input data, allows attackers to escalate their privileges.
The vulnerability of Android operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of Android operating systems, related to insufficient validation of input data, allows attackers to escalate their privileges.
The vulnerability of Android operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of Android operating systems, related to insufficient validation of input data, allows attackers to escalate their privileges.
The vulnerability of Android operating systems is related to insufficient checking of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges
The vulnerability of the Framework component in Android operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2023-39943 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium Out-of-bounds Write
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200, the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the...
The vulnerability of the PowerDNS Recursor DNS server, related to insufficient validation of input data, allows attackers to trigger a service failure.
The vulnerability of the PowerDNS Recursor DNS server is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
ChargePoint Home Flex 缓冲区错误漏洞
ChargePoint Home Flex is a series of electric vehicle charging devices from ChargePoint USA. A security vulnerability exists in the ChargePoint Home Flex that stems from a lack of proper validation of user-supplied data, which could result in writes beyond the end of the allocated buffer. An...
The vulnerability of the module responsible for processing URL addresses of medical image and data management systems, such as Sante PACS Server PG, allows a hacker to trigger a service failure.
The vulnerability of the URL parsing module of the Sante PACS Server PG system is related to insufficient data validation during URL parsing. Exploiting this vulnerability could allow an attacker to cause service interruptions...
openSUSE 15 Security Update : chromium (openSUSE-SU-2025:0018-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0018-1 advisory. - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate...
OPENSUSE-SU-2025:0018-1 Security update for chromium
This update for chromium fixes the following issues: - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate implementation in Navigation CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read ...
Google Chrome Security Bypass Vulnerability (CNVD-2025-06042)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that is caused due to insufficient data validation in extensions. An attacker can exploit this vulnerability to bypass security restrictions...