4659 matches found
The vulnerability of the Expenses component in the Oracle Project Costing calculation service’s CurrencyOverride feature allows a malicious actor to gain unauthorized access to create, modify, or delete data.
The vulnerability of the Expenses component in the Oracle Project Costing calculation service’s CurrencyOverride feature is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to create, modify, o...
The vulnerability of the Kubernetes cluster management software, related to errors in processing hypertext links, allows a hacker to access confidential data.
The vulnerability of the Kubernetes cluster management software is related to errors in processing hypertext links. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...
CVE-2022-28648
In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered...
DEBIAN-CVE-2022-0467
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
DEBIAN-CVE-2022-0468
Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2022-0804
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page...
UBUNTU-CVE-2022-0809
Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-0608
Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2022-0610
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
The vulnerability of the isolated programming environment for the Racket language, related to errors in processing hypertext links, allows attackers to compromise the integrity of data.
The vulnerability of the isolated programming environment Racket is related to errors in processing hypertext links. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...
The vulnerability of the filtervar function in the PHP interpreter allows attackers to execute arbitrary code.
The vulnerability of the filtervar function in the PHP interpreter is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted user input...
fenom security vulnerability
fenom is a lightweight and fast PHP template engine. fenom 2.12.1 and earlier versions are vulnerable to code injection, which stems from a failure to properly filter special characters, commands, etc. used to construct commands in the getTemplateCode function of fenom/src/Fenom/Template.php, which ca...
VulnCheck KEV: CVE-2021-31166
Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution...
The vulnerability of Google Chrome’s Storage component allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome’s Storage component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created HTML page...
A flaw was found in Python. An improperly handled HTTP response in the HTTP client code of Python may allow a remote attacker who controls the HTTP server to make the client script enter an infinite loop consuming CPU time. The highest threat from this vulnerability is to system availability.
...
The vulnerability of the Oracle Access Manager component of the Oracle Fusion Middleware software allows a perpetrator to execute arbitrary code.
The vulnerability of the Oracle Access Manager component of the Oracle Fusion Middleware software is related to errors in processing HTTP requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability in the interface for supporting streaming audio and video data from the Media Streams API in browsers like Google Chrome and Microsoft Edge allows an attacker to execute arbitrary code on the target system.
The vulnerability of the Media Streams API interface for handling streaming audio and video data in Google Chrome and Microsoft Edge browsers is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system...
The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers allows attackers to execute arbitrary code.
The vulnerability of JavaScript script handlers in Microsoft Edge and Google Chrome browsers is related to type confusion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially crafted HTML page...
CVE-2022-25495
The component /jqueryfileupload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file...