EUVD-2025-2173

Malicious code in bioql PyPI...

EUVD-2021-6835

Malicious code in bioql PyPI...

CVE-2025-20185

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must...

CVE-2025-20185 Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation Vulnerability

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must...

CVE-2024-1672

CVE-2024-1672 affects Google Chrome/Chromium CSP handling. The vulnerability arises from an inappropriate CSP policy implementation that allows bypass via a crafted HTML page. Root cause: CSP module in Chromium is improperly enforcing policy. Affected: Chrome/Chromium builds prior to 122.0.6261.5...

CVE-2024-0806

Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. Chromium security severity: Medium...

CVE-2023-5854

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. Chromium security severity: Medium...

CVE-2023-5476

Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4907

Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

WordPress Word Count Analysis Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS)

Software Word Count Analysis Type Plugin Vulnerable versions = 1.0.11 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 056e051a5bca Credits Rafie Muhammad Patchstack...

CVE-2023-2463

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-1221

Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2022-3309

Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. Chromium security severity: Medium...

qemu:qemu-fuzz-i386-target-generic-fuzz-xhci: Index-out-of-bounds in xhci_runtime_write

Detailed Report: https://oss-fuzz.com/testcase?key=5747786781556736 Project: qemu Fuzzing Engine: libFuzzer Fuzz Target: qemu-fuzz-i386-target-generic-fuzz-xhci Job Type: libfuzzerubsanqemu Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: xhciruntimewrite...

c-blosc2:decompress_fuzzer: Heap-buffer-overflow in tinfl_decompress

Project: https://github.com/Blosc/c-blosc2.git Detailed Report: https://oss-fuzz.com/testcase?key=5957965459488768 Project: c-blosc2 Fuzzing Engine: libFuzzer Fuzz Target: decompressfuzzer Job Type: libfuzzerasani386c-blosc2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address...

rdkit:mol_data_stream_to_mol_fuzzer: Stack-buffer-overflow in RDKit::ParseMolBlockProperties

Detailed Report: https://oss-fuzz.com/testcase?key=5068710860292096 Project: rdkit Fuzzing Engine: libFuzzer Fuzz Target: moldatastreamtomolfuzzer Job Type: libfuzzerasani386rdkit Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0xffca746f Crash State:...

leptonica:enhance_fuzzer: Heap-buffer-overflow in pixGetRGBComponentCmap

Project: https://github.com/DanBloomberg/leptonica.git Detailed Report: https://oss-fuzz.com/testcase?key=5686984648687616 Project: leptonica Fuzzing Engine: honggfuzz Fuzz Target: enhancefuzzer Job Type: honggfuzzasanleptonica Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash...

open62541:fuzz_tcp_message: Use-of-uninitialized-value in UA_Array_copy

Detailed Report: https://oss-fuzz.com/testcase?key=5740902795706368 Project: open62541 Fuzzing Engine: libFuzzer Fuzz Target: fuzztcpmessage Job Type: libfuzzermsanopen62541 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: UAArraycopy Stringcopy...

dlplibs:wdbfuzzer: Stack-buffer-overflow in WPSEmbeddedObject::operator=

Detailed Report: https://oss-fuzz.com/testcase?key=5720192547291136 Project: dlplibs Fuzzing Engine: libFuzzer Fuzz Target: wdbfuzzer Job Type: libfuzzerasandlplibs Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7ffde3842118 Crash State: WPSEmbeddedObject::operator=...

File Sharing And Chat 1.0 Denial Of Service

Document Title: =============== File Sharing & Chat v1.0 iOS - Denial of Service Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2222 Release Date: ============= 2020-04-27 Vulnerability Laboratory ID VL-ID:...