551
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.
Update
|
CWE-617
Reachable Assertion
|
CVE-2022-35205
|
2024-10-30 00:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
552
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients.
Update
|
NVD-CWE-noinfo
|
CVE-2022-26699
|
2024-10-30 00:35 |
2023-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
553
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Use after free in Browser History in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)
Update
|
CWE-416
Use After Free
|
CVE-2022-3863
|
2024-10-30 00:35 |
2023-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
554
|
5.9 |
MEDIUM
Network
|
python
|
setuptools
|
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expressio…
Update
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2022-40897
|
2024-10-30 00:35 |
2022-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
555
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chro…
Update
|
NVD-CWE-noinfo
|
CVE-2022-3447
|
2024-10-30 00:35 |
2022-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
556
|
6.5 |
MEDIUM
Network
|
php fedoraproject debian
|
php fedora debian_linux
|
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` o…
Update
|
NVD-CWE-noinfo
|
CVE-2022-31629
|
2024-10-30 00:35 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
557
|
- |
|
php
|
php
|
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attacke…
Update
|
CWE-17
Code
|
CVE-2014-9426
|
2024-10-30 00:35 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
558
|
- |
|
cisco
|
unified_communications_manager
|
The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discove…
Update
|
CWE-310
Cryptographic Issues
|
CVE-2013-7030
|
2024-10-30 00:35 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
559
|
- |
|
sgi
|
irix
|
root privileges via buffer overflow in ordist command on SGI IRIX systems.
Update
|
NVD-CWE-Other
|
CVE-1999-0029
|
2024-10-30 00:35 |
1997-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
560
|
5.4 |
MEDIUM
Network
|
hikashop
|
hikashop
|
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious p…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-40746
|
2024-10-30 00:34 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|