580 matches found
The vulnerability of Zoom’s video conferencing software lies in the insufficient protection of sensitive data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Zoom video conferencing software is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-1108 Insufficient data authenticity vulnerability in Janto
Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This allows an unauthenticated attacker to modify the content of emails sent to reset the password. To exploit the vulnerability, the attacker must create a POST request by injecting malicious content into...
ROS-20250203-06
A vulnerability in the LibreOffice office suite is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to disclose confidential information LibreOffice office suite vulnerability is related to incorrect path name restriction to a...
openSUSE 15 Security Update : chromium (openSUSE-SU-2025:0018-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0018-1 advisory. - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate...
OPENSUSE-SU-2025:0018-1 Security update for chromium
This update for chromium fixes the following issues: - Chromium 132.0.6834.83 stable released 2024-01-14 boo1235892 CVE-2025-0434: Out of bounds memory access in V8 CVE-2025-0435: Inappropriate implementation in Navigation CVE-2025-0436: Integer overflow in Skia CVE-2025-0437: Out of bounds read ...
Google Chrome Security Bypass Vulnerability (CNVD-2025-06042)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that is caused due to insufficient data validation in extensions. An attacker can exploit this vulnerability to bypass security restrictions...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-0443
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
PT-2025-1284 · Microsoft +5 · Edge +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 132.0.6834.83 Microsoft Edge affected versions not specified Description: The issue exists due to insufficient data validation in the Extensions component of Google Chrome and Microsoft Edge, allowing a remote...
Google Chrome Insufficient Data Validation Vulnerability - Windows
Google Chrome is prone to an insufficient data validation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-9369
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2024-9369
CVE-2024-9369: Insufficient data validation in Mojo within Google Chrome (Chromium) allowed a remote attacker, who had compromised the renderer process, to perform an out-of-bounds memory write via a crafted HTML page. The issue is confirmed in Chrome/Chromium and has high impact. Public fix/upda...
CVE-2024-9369
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
IrfanView DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files...
Eloqua - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-063
This module integrates webforms with eloqua, an automated marketing and demand generation software built to improve the quality and quantity of customers' sales leads and streamline their sales processes. In certain cases the module doesn't sufficiently sanitize data before passing it to PHP's...
Moodle 安全漏洞
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site scripting vulnerability that stems from insufficient data cleanup when executing a recovery,...
The vulnerability of the Intel Computing Improvement Program’s data collection tool, related to insufficient verification of input data, allows a perpetrator to trigger a service failure.
The vulnerability of the data collection tool in the Intel Computing Improvement Program is related to insufficient testing of input data. Exploiting this vulnerability could allow an attacker to trigger a service failure...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Pattern Lab. The package...
Updated chromium-browser-stable packages fix security vulnerabilities
Integer overflow in Layout. CVE-2024-7025 Insufficient data validation in Mojo. CVE-2024-9369 Inappropriate implementation in V8. CVE-2024-9370 Type Confusion in V8. CVE-2024-9602 Type Confusion in V8. CVE-2024-9603...