Lucene search
K

1057 matches found

UbuntuCve
UbuntuCve
added 2025/12/02 7:15 p.m.5 views

CVE-2025-13633

Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.00393EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/02 7:15 p.m.5 views

CVE-2025-13721

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS7.1AI score0.00187EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/02 7:15 p.m.4 views

CVE-2025-13631

Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. Chromium security severity: High...

8.8CVSS5.9AI score0.00303EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/02 7:15 p.m.4 views

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS7.2AI score0.00225EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2025/12/02 1:16 p.m.6 views

Advisory ROSA-SA-2025-3091

Software: python3-setuptools 39.2.0 OS: rosa-server79 unaffected versions = python3-setuptools-39.2.0-10.0.5.res7 affected versions python3-setuptools-39.2.0-10.0.5.res7 CVE-ID: CVE-2025-47273 BDU-ID: 2025-08604 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the setuptools project packaging...

8.8CVSS8.6AI score0.01479EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2025/11/26 9:40 a.m.9 views

com.expediagroup:drone-fly-app (=1.0.9), org.apache.hive:hive-beeline (>=4.0.0 <=4.1.0) +3 more potentially affected by CVE-2025-62728 via org.apache.hive:hive-standalone-metastore-server (>=4.0.0-alpha-1 <=4.1.0)

org.apache.hive:hive-standalone-metastore-server MAVEN version =4.0.0-alpha-1, =4.0.0, =4.0.0, =4.1.0 - org.apache.hive:hive-metastore-packaging =4.1.0 - org.apache.hive:hive-standalone-metastore-rest-catalog =4.1.0 Source cves: CVE-2025-62728 Source advisory: SNYK:JAVA-ORGAPACHEHIVE-14136073...

5.4CVSS7.2AI score0.00343EPSS
Exploits0
CVE
CVE
added 2025/11/19 12:0 a.m.19 views

CVE-2025-63220

The CVE-2025-63220 entry concerns Sound4 FIRST's web-based management interface. The vulnerability is Remote Code Execution (RCE) via a malicious firmware update package, caused by the update mechanism failing to validate the integrity of the manual.sh script. An attacker could modify this script...

7.2CVSS7.3AI score0.00413EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2025/11/18 12:0 a.m.5 views

CVE-2025-13230

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.00219EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/11/17 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:4091-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.3CVSS6.8AI score0.00303EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/11/15 8:15 a.m.3 views

CVE-2025-7736

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.9 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker to bypass access control restrictions and view GitLab Pages content intended only for project members by...

4.3CVSS5.9AI score0.00247EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/11/15 8:15 a.m.4 views

CVE-2025-11990

GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses...

3.5CVSS5.9AI score0.00263EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/11/14 3:15 a.m.4 views

CVE-2024-13178

Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.0018EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/11/14 3:15 a.m.3 views

CVE-2025-13107

Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.9AI score0.0018EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/11/14 3:15 a.m.4 views

CVE-2024-11920

Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00201EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/11/14 3:15 a.m.5 views

CVE-2024-7021

Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.00171EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/11/14 3:15 a.m.3 views

CVE-2024-13983

Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR code. Chromium security severity: Low...

6.3CVSS5.9AI score0.00124EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.4 views

openSUSE 15 Security Update : cargo-packaging, rust-bindgen (SUSE-SU-2025:4091-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4091-1 advisory. cargo-packaging was updated to version 1.3.0+0: - CVE-2025-58160: Fixed tracing log pollution in tracing-subscriber bsc1249012 Other fixes: - Prevent strippi...

2.3CVSS5.5AI score0.00303EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/11/13 4:30 p.m.4 views

Security update for cargo-packaging, rust-bindgen

This update for cargo-packaging and rust-bindgen fixes the following issues: cargo-packaging was updated to version 1.3.0+0: CVE-2025-58160: Fixed tracing log pollution in tracing-subscriber bsc1249012 Other fixes: Prevent stripping debug info bsc1222175 rust-bindgen was updated to 0.72.0. Patch...

3.1CVSS6.8AI score0.00303EPSS
Exploits0References6
OSV
OSV
added 2025/11/13 4:30 p.m.4 views

SUSE-SU-2025:4091-1 Security update for cargo-packaging, rust-bindgen

This update for cargo-packaging and rust-bindgen fixes the following issues: cargo-packaging was updated to version 1.3.0+0: - CVE-2025-58160: Fixed tracing log pollution in tracing-subscriber bsc1249012 Other fixes: - Prevent stripping debug info bsc1222175 rust-bindgen was updated to 0.72.0...

2.3CVSS6.8AI score0.00303EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in release-it-juno-cypress-ganymede (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55d18c480ca87915de8b545c8543b1908769b9d71711027a718c1af31ffaa6ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder