CVE-2026-33336 Vikunja Desktop vulnerable to Remote Code Execution via same-window navigation

Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables nodeIntegration in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place a link in...

CVE-2023-36607

The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents...

SUSE CVE-2013-6653

Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser...

SUSE CVE-2016-1641

Use-after-free vulnerability in content/browser/webcontents/webcontentsimpl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as...

CVE-2022-1637

Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2022-1637

Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2022-1637

Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-1637

Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-1637

CVE-2022-1637 targets Google Chrome’s Web Contents component. The issue arises from an inappropriate implementation that allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected product is Chrome (Chromium-based); the specific impact is data disclosure between origins....

CVE-2022-1637

Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 101.0.4951.64 version, fixing many bugs and 13 CVE. Some of them are listed below: 1316990 High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18 1314908 High CVE-2022-1634: Use after free in Browser UI...

KLA12555 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in ANGLE can be exploited to cause denial of service or execute arbitrar...

Remote Code Execution

chromium is vulnerable to remote code execution. Inappropriate implementation in Web Contents in Google Chrome allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Chromium: CVE-2022-1637 Inappropriate implementation in Web Contents

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

The vulnerability of the Web Contents component of the Google Chrome browser, which allows a hacker to execute arbitrary code.

The vulnerability of the Web Contents component of the Google Chrome browser exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

Google Chrome Security Update (stable-channel-update-for-desktop_10-2022-05) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVE-2018-20894

cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories SEC-443...

UBUNTU-CVE-2017-5533

A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability whic...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the content/browser/webcontents/webcontentsimpl.cc function in Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause service interruptions or other effects by initiating the loading of images after data of...

CVE-2016-1641

Use-after-free vulnerability in content/browser/webcontents/webcontentsimpl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as...