27 matches found
CVE-2025-56710
A Cross-Site Request Forgery CSRF vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-Using-PHP-V2.0. This flaw allows an attacker to trick authenticated users into unintentionally modifying their account details. By crafting a malicious HTML page, ...
Information Exposure
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Information Exposure via the Loader component. An attacker can leak sensitive cross-origin data by crafting...
Geovision GV-ASManager 6.1.10 Cross Site Request Forgery
Geovision GV-ASManager versions 6.1.10 and below suffer from a cross site request forgery vulnerability. CVE-2024-56901 CVE-2024-56901 - A Cross-Site Request Forgery CSRF vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily...
The vulnerability of the application programming interfaces of Google Chrome and Microsoft Edge allows a hacker to bypass existing security restrictions and perform a substitution of the user interface.
The vulnerability of the application programming interfaces of Google Chrome and Microsoft Edge relates to the bypassing of authentication processes through spoofing techniques. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions and replace the use...
The vulnerability of the Extensions component in Google Chrome and Microsoft Edge browsers allows a hacker to replace the user interface.
The vulnerability of the Extensions component in Google Chrome and Microsoft Edge is related to improper security checks for standard elements. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially created HTML page...
Heap Buffer Overflow
bash is vulnerable to a heap buffer overflow. The vulnerability exists in validparametertransform function of subst.c which allows an attacker to crash the system through potentially exploit heap corruption via a malicious HTML page...
Use After Free
chromium:sid is vulnerable to use after free. It allowed a remote attacker to potentially exploit heap corruption via a malicious HTML page...
Denial Of Service (DoS)
chromium is vulnerable to denial of service. The vulnerability exists due to the out of bound read in the Dawn, allowing an attacker to crash the application by providing a maliciously crafted HTML page...
Use-After-Free
chromium is vulnerable to use-after-free. The vulnerability exists in performance manager due to heap corruption which allows an attacker to crash the application via a malicious HTML page...
Denial Of Service (DoS)
chromium is vulnerable to denial of service. An attacker is able to crash the system by exploiting a heap corruption via a maliciously crafted HTML page...
Arbitrary Code Execution
chrome is vulnerable to arbitrary code execution. A type confusion in V8 in Google Chrome allows a remote attacker to execute arbitrary code inside a sandbox via a malicious HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. A remote attacker is able to exploit the heap corruption via a malicious HTML page...
Heap Buffer Overflow
chromium is vulnerable to heap buffer overflow. The vulnerability exists when an attacker send a malicious HTML page, causing a heap corruption...
Content Spoofing
chromium is vulnerable to content spoofing. An insecure implementation allows an attacker who has compromised the renderer process to spoof contents of the Omnibox via a malicious HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. A heap-based buffer overflow in V8 allows a remote attacker to execute arbitrary code on the host OS via a heap corruption via a malicious HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. A heap-based buffer overflow in Skia allows a remote attacker to exploit a heap corruption and execute arbitrary code on the host OS via a malicious HTML page...
Information Disclosure
chromium is vulnerable to information disclosure. Side-channel information leakage in autofill allows a remote attacker to obtain confidential information from process memory via a malicious HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. Heap buffer overflow in WebAudio allows a remote attacker to exploit a heap corruption via a malicious HTML page...
Content-Security Policy Bypass
chromium is vulnerable to content-security policy bypass. Insufficient policy enforcement in CSP allows a remote attacker to bypass content security policy via a malicious HTML page...
Arbitrary Code Execution
chromium is vulnerable to arbitrary code execution. Insufficient checks of pointer validity in WebRTC allows a remote attacker to exploit a heap corruption and execute arbitrary code on the host OS via a malicious HTML page...