CVE-2024-23657

Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Nuxt Devtools is missing authentication on the getTextAssetContent RPC function which is vulnerable to path traversal. Combined with a lack of Origin checks on the WebSocket handler, an attack...

Fedora 40 : chromium (2025-82ba6b8dc5)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-82ba6b8dc5 advisory. Updated to 132.0.6834.159 Medium CVE-2025-0762: Use after free in DevTools Tenable has extracted the preceding description block directly from the...

Chromium: CVE-2025-0762 Use after free in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Microsoft Edge (Chromium) < 132.0.2957.140 (CVE-2025-0762)

The version of Microsoft Edge installed on the remote Windows host is prior to 132.0.2957.140. It is, therefore, affected by a vulnerability as referenced in the January 30, 2025 advisory. - Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potential...

DEBIAN-CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2025-0762

CVE-2025-0762 concerns Google Chrome/Chromium DevTools: a use-after-free in DevTools for builds prior to 132.0.6834.159, enabling potential heap corruption from a crafted Chrome Extension. Affected component is Chrome/Chromium DevTools; the underlying cause is a use-after-free defect (exact inter...

SUSE CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in Google Chrome DevTools, which can be exploited by an attacker to execute arbitrary code...

Malicious code in react-native-apollo-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 643d99775fbe5d1e11235967329b1d9bfdd5f173b113db79c998b0ea7f2b7b3c The OpenSSF Package Analysis project identified 'react-native-apollo-devtools' @ 1.0.0 npm as malicious. It is considered malicious because: - T...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 2 security fixes: 384844003 Medium CVE-2025-0762: Use after free in DevTools. Reported by Sakana.S on 2024-12-18...

PT-2025-19757 · Chromium +3 · Chromium +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 136.0.7103.59 chromium in Debian Linux affected versions not specified Description: The issue is related to an inappropriate implementation in DevTools, allowing a remote attacker to bypass discretionary access...

PT-2024-10393 · Microsoft +5 · Edge +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 132.0.6834.159 Microsoft Edge versions prior to 132.0.2957.140 Description: The issue is related to a use-after-free vulnerability in the DevTools of Google Chrome and Microsoft Edge, which could allow a remote...

Fedora 41 : chromium (2024-3a6f9ab958)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a6f9ab958 advisory. Update to 130.0.6723.58 High CVE-2024-9954: Use after free in AI Medium CVE-2024-9955: Use after free in Web Authentication Medium CVE-2024-9956:...

MAL-2024-10674 Malicious code in listing-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9721f8e927e787ea57b202a8a5b29ab1fd0cd530861055ad6a3e36a1c0df8d9a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in listing-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9721f8e927e787ea57b202a8a5b29ab1fd0cd530861055ad6a3e36a1c0df8d9a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora: Security Advisory (FEDORA-2024-4d80983af6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-c0b1d26de3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0337-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...