Aggregator

原域名已变更且将在2024年彻底废弃，请访问 https://govuln.com/news/ 查看新的RSS订阅

Currently trending CVE - Hype Score: 19

Currently trending CVE - Hype Score: 19

Currently trending CVE - Hype Score: 19

Currently trending CVE - Hype Score: 19

Currently trending CVE - Hype Score: 21

Currently trending CVE - Hype Score: 28 - Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Currently trending CVE - Hype Score: 37 - A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The ...

Currently trending CVE - Hype Score: 43 - An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. ...

Currently trending CVE - Hype Score: 1 - Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.

Currently trending CVE - Hype Score: 67 - A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code ...

Новые расчеты заставляют иначе смотреть на странные цифры из образцов Apollo.

A vulnerability identified as critical has been detected in Microsoft Edge. Affected by this vulnerability is the function CssParser::RecordProperty. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-8496. The attack is possible to be carried out remotely. Moreover, an exploit is present. It is suggested to install a patch to address this issue.

A vulnerability was found in VizEx Reader 9.7.5 and classified as critical. Impacted is an unknown function of the component tif File Handler. The manipulation results in memory corruption. This vulnerability was named CVE-2017-8927. The attack needs to be approached locally. In addition, an exploit is available.

A vulnerability was found in Ipswitch WS_FTP Pro up to 12.6.0.2. It has been rated as critical. This vulnerability affects unknown code of the component Search. This manipulation causes memory corruption. This vulnerability appears as CVE-2017-16513. The attack requires local access. In addition, an exploit is available. Upgrading the affected component is advised.

A vulnerability was found in KMPlayer 4.2.2.4. It has been declared as problematic. Affected is an unknown function of the component NSV File Handler. Executing manipulation can lead to improper input validation. This vulnerability is tracked as CVE-2017-16952. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability described as critical has been identified in K7 Total Security up to 15.1. This impacts an unknown function. Executing manipulation can lead to improper input validation. This vulnerability is registered as CVE-2017-18019. The attack needs to be launched locally. Furthermore, an exploit is available. Upgrading the affected component is recommended.

A vulnerability has been found in Intel Graphics Driver and classified as critical. Affected by this vulnerability is an unknown functionality of the component Content Protection HECI Service. The manipulation leads to incorrect type conversion. This vulnerability is documented as CVE-2017-5717. The attack needs to be performed locally. Additionally, an exploit exists.

A vulnerability marked as critical has been reported in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. This vulnerability is handled as CVE-2025-14637. The attack can be initiated remotely. Additionally, an exploit exists.