The vulnerability of the user interfaces of Google Chrome and Microsoft Edge allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the user interfaces of Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information through a specially created...

The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge allows a hacker to replace the user interface.

The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge is related to improper limitation of the layers or frames that are displayed in the user interface. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially...

PT-2024-14867 · Bitdefender · Bitdefender Total Security

Name of the Vulnerable Software and Affected Versions: Bitdefender Total Security affected versions not specified Description: A vulnerability has been discovered in the HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust...

CVE-2024-21264

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft component: Activity Guide Composer. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox for iOS prior to version 131.2, which originates when opening an external link to an HTTP website under certain circumstances, and can be exploited by...

dotnet: kestrel: closing an HTTP/3 stream can cause a race condition and lead to remote code execution

A flaw was found in dotnet. When closing an HTTP/3 stream while application code is writing to the response body, a race condition can cause a use-after-free...

Schneider Electric System Monitor application 信息泄露漏洞

Schneider Electric System Monitor application is a system monitor program in industrial control equipment from Schneider Electric France. An information disclosure vulnerability exists in the Schneider Electric System Monitor application, which stems from the application's lack of protection of...

PT-2024-7276 · Google +4 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 130.0.6723.69 Description: The issue is related to a type confusion error in the V8 JavaScript engine used by Google Chrome and Microsoft Edge, allowing a remote attacker to potentially exploit heap corruption...

Esri Portal For ArcGIS 安全漏洞

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. Esri Portal For ArcGIS suffers from an HTML injection vulnerability that stems from th...

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

CVE-2024-9174

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI...

Cisco Small Business 安全漏洞

Cisco Small Business is a switch from Cisco USA. A security vulnerability exists in Cisco Small Business that stems from improper validation of user input in incoming HTTP packets. Allowing a remote attacker to execute arbitrary commands or cause a denial of service on the underlying operating...

The vulnerability of the PHP programming language interpreter, which allows attackers to circumvent existing security restrictions

The vulnerability of the PHP programming language interpreter is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and manipulate the PHP-FPM logs...

The vulnerability of the PHP programming language interpreter, related to insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the PHP programming language interpreter is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of Google Chrome’s Autofill function allows a hacker to replace the user interface.

The vulnerability of Google Chrome’s Autofill function is related to information representation errors in the user interface. Exploiting this vulnerability could allow an attacker to replace the user interface through a specially created HTML page...

The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers is related to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page from a remote location...

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

WordPress plugin ProfileGrid 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A post-release reuse vulnerability exists in versions of Google Chrome prior to 129.0.6668.70, which can be exploited by a remote attacker to potentially leverage heap corruption via a crafted HTML page...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in versions of Google Chrome prior to 129.0.6668.70, which can be exploited by remote attackers to perform memory access via specially crafted Hypertext Markup Language pages...