361
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Use after free in Browser History in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)
Update
|
CWE-416
Use After Free
|
CVE-2022-3863
|
2024-10-30 00:35 |
2023-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
362
|
5.9 |
MEDIUM
Network
|
python
|
setuptools
|
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expressio…
Update
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2022-40897
|
2024-10-30 00:35 |
2022-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
363
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chro…
Update
|
NVD-CWE-noinfo
|
CVE-2022-3447
|
2024-10-30 00:35 |
2022-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
364
|
6.5 |
MEDIUM
Network
|
php fedoraproject debian
|
php fedora debian_linux
|
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` o…
Update
|
NVD-CWE-noinfo
|
CVE-2022-31629
|
2024-10-30 00:35 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
365
|
- |
|
php
|
php
|
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attacke…
Update
|
CWE-17
Code
|
CVE-2014-9426
|
2024-10-30 00:35 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
366
|
- |
|
cisco
|
unified_communications_manager
|
The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discove…
Update
|
CWE-310
Cryptographic Issues
|
CVE-2013-7030
|
2024-10-30 00:35 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
367
|
- |
|
sgi
|
irix
|
root privileges via buffer overflow in ordist command on SGI IRIX systems.
Update
|
NVD-CWE-Other
|
CVE-1999-0029
|
2024-10-30 00:35 |
1997-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
368
|
5.4 |
MEDIUM
Network
|
hikashop
|
hikashop
|
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious p…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-40746
|
2024-10-30 00:34 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
369
|
5.4 |
MEDIUM
Network
|
apple
|
macos iphone_os ipados tvos visionos safari
|
An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in tvOS 17.6, visionOS 1.3, Safari 17.6, watchOS 10.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. A …
Update
|
NVD-CWE-noinfo
|
CVE-2024-44206
|
2024-10-30 00:31 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
370
|
5.5 |
MEDIUM
Local
|
apple
|
macos ipados iphone_os
|
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPad…
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-44205
|
2024-10-30 00:27 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|