153 matches found
CVE-2026-5291
An inappropriate implementation flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490118036...
CVE-2026-5283
An inappropriate implementation flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=492131521...
CVE-2026-5283
Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-4461
An inappropriate implementation flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490558172...
CVE-2026-3541
Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
CVE-2013-7310
The OSPF implementation on Yamaha routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain sensitive...
CVE-2025-11212
Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
EUVD-2014-4120
Malware in sbrugna...
EUVD-2015-1248
Malware in sbrugna...
EUVD-2001-1128
Malware in sbrugna...
EUVD-2001-0588
Malware in sbrugna...
EUVD-2015-4170
Malware in sbrugna...
EUVD-2024-54573
Malicious code in bioql PyPI...
CVE-2025-26438
In smpprocesssecureconnectionoobdata of smpact.cc, there is a possible way to bypass SMP authentication due to Incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references. Original Description The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair...
CVE-2025-41647
A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions...
CVE-2024-7487
An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an implementation flaw that allows app-native authentication to be bypassed when an invalid object is passed. Exploitation of this vulnerability could enable malicious actors to circumvent the client verification...
CVE-2012-6371
The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading broadcast packets, a different vulnerability than CVE-2012-4366...
WSO2 Identity Server(IS) 安全漏洞
WSO2 Identity Server IS is an identity server from WSO2, Inc. A security vulnerability exists in WSO2 Identity Server IS version 7.0.0, which stems from an implementation flaw that could lead to bypassing authentication...
CVE-2025-4143
The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirecturi was on the allowed list of redirect URIs for the given client registration. Fixed in:...