The vulnerability of the module responsible for processing URL addresses of medical image and data management systems, such as Sante PACS Server PG, allows a hacker to trigger a service failure.

The vulnerability of the URL parsing module of the Sante PACS Server PG system is related to insufficient data validation during URL parsing. Exploiting this vulnerability could allow an attacker to cause service interruptions...

openSUSE 15 Security Update : chromium (openSUSE-SU-2025:0018-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0018-1 advisory. - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate...

OPENSUSE-SU-2025:0018-1 Security update for chromium

This update for chromium fixes the following issues: - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate implementation in Navigation CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read ...

Google Chrome Security Bypass Vulnerability (CNVD-2025-06042)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that is caused due to insufficient data validation in extensions. An attacker can exploit this vulnerability to bypass security restrictions...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : .NET vulnerabilities (USN-7210-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7210-1 advisory. It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly u...

USN-7210-1 dotnet8, dotnet9 vulnerabilities

It was discovered that .NET did not properly handle input provided to its Convert.TryToHexString method. An attacker could possibly use this issue to execute arbitrary code. CVE-2025-21171 It was discovered that .NET did not properly handle an integer overflow when processing certain specially...

Chromium: CVE-2025-0443 Insufficient data validation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-0443

CVE-2025-0443 affects Google Chrome/Chromium with insufficient data validation in Extensions, allowing privilege escalation when a user is tricked into specific UI gestures via a crafted HTML page. Connected sources confirm Chrome/Chromium and show remediation in Chrome 132.0.6834.83 (and Debian’...

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...

PT-2025-1284 · Microsoft +5 · Edge +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 132.0.6834.83 Microsoft Edge affected versions not specified Description: The issue exists due to insufficient data validation in the Extensions component of Google Chrome and Microsoft Edge, allowing a remote...

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: CVE-2024-12693: Out of bounds memory access in V8 CVE-2024-12694: Use after free in Compositing CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read in Metrics CVE-2025-0438: Stack buffer overflo...

PT-2025-19756 · Chromium +3 · Chromium +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 136.0.7103.59 chromium in Debian Linux affected versions not specified Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to bypass discretionary access...

CVE-2024-13049

Ashlar-Vellum Cobalt XE is affected by a type confusion in the XE file parser caused by insufficient validation of user-supplied data. This vulnerability can allow code execution in the context of the target process, requiring user interaction (e.g., viewing a malicious page or file). Multiple so...