131 matches found
EUVD-2018-15765
Malware in sbrugna...
CVE-2024-23226
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution...
CVE-2024-44187
A vulnerability was found in WebKit. This flaw allows a remote attacker to exfiltrate data cross-origin by convincing a victim to visit a specially crafted website, which results in obtaining sensitive information. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2024-23284
A flaw was found in WebKit. This flaw allows remote attackers to bypass security restrictions due to a logic flaw by persuading a victim to access a specially crafted website, enabling attackers to circumvent the Content Security Policy enforcement...
CVE-2024-23263
A flaw was found in WebKit. This flaw allows remote attackers to bypass security restrictions due to a logic issue by convincing a victim to visit a specially crafted website. This results in the attacker evading the Content Security Policy enforcement...
CVE-2024-23254
A vulnerability was found in WebKit, where a remote attacker is able to exfiltrate audio data cross-origin by convincing a victim to visit a specially crafted website, which results in obtaining sensitive information...
CVE-2024-23252
A flaw was found in WebKit. This flaw allows an attacker to trigger a denial of service condition by convincing a victim to visit a specially crafted website...
CVE-2022-1513
A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website...
CVE-2022-1513
A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website...
Code injection
A potential vulnerability was reported in Lenovo PCManager prior to version 5.0.10.4191 that may allow code execution when visiting a specially crafted website...
webkitgtk: Integer overflow leading to arbitrary code execution
A flaw was found in the webkitgtk package. Affected versions of this package could allow a remote attacker to execute arbitrary code on the system caused by an integer overflow in the WebKit component. An attacker can execute arbitrary code on the system by persuading a victim to visit a speciall...
The vulnerability of the Google Chrome browser’s printing function allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome browser’s printing function is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created website...
CVE-2021-30762
A flaw was found in the webkitgtk package. Affected versions of this package could allow a remote attacker to execute arbitrary code on the system caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker can execute arbitrary co...
CVE-2021-30761
A flaw was found in the webkitgtk package. Affected versions of this package could allow a remote attacker to execute arbitrary code on the system caused by memory corruption in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this...
Microsoft Visual Studio Spoofing Vulnerability (CNVD-2021-54406)
Microsoft Visual Studio is a family of development tools from Microsoft Corporation USA and is a largely complete development toolset that includes most of the tools needed throughout the software lifecycle. An attacker could exploit this vulnerability with a specially crafted website to spoof...
Google Chrome Security Bypass Vulnerability (CNVD-2020-29298)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome prior to version 83.0.4103.61, which stems from the program's failure to fully enforce policies. The vulnerability can be exploited by an attacker to bypass security restrictions with...
Microsoft Color Management Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Color Management Module ICM32.dll handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data;...
GDI+ Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...
Vulnerabilities of operating systems such as openSUSE Leap, Mac OS X, iOS, tvOS, watchOS, the browser Safari, the multimedia player iTunes, and the iCloud service can be exploited when operations occur outside of the buffer in memory, allowing attackers to execute arbitrary code.
The vulnerabilities of the operating systems openSUSE Leap, Mac OS X, iOS, tvOS, watchOS, the browser Safari, the multimedia player iTunes, and the iCloud service are due to operations that go beyond the buffer limits in memory. Exploiting these vulnerabilities allows a malicious actor to execute...
Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability
Important Microsoft has completed the investigation into a public report of this vulnerability. We have issued CVE-2020-0674 - Scripting Engine Memory Corruption Vulnerability to address this vulnerability. For more information about this issue, including download links for an available security...