6 matches found
CVE-2026-33046 Indico discloses local files resulting in Remote Code Execution through LaTeX injection
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaT...
EUVD-2023-48171
Malicious code in bioql PyPI...
CVE-2023-43799
Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the...
Design/Logic Flaw
Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service cross-process interference via unspecified vectors...
CVE-2011-1439
Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors...
CVE-2011-1439
Removed by vendor...