Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-11117 1 Google 1 Chrome 2025-01-02 4.3 Medium
Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-28234 1 Contao 1 Contao 2025-01-02 4.3 Medium
Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, disable BBCode for comments.
CVE-2024-7256 1 Google 2 Android, Chrome 2025-01-02 8.8 High
Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7023 2 Google, Microsoft 2 Chrome, Windows 2025-01-02 8 High
Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
CVE-2024-27937 1 Glpi-project 1 Glpi 2025-01-02 6.5 Medium
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13.
CVE-2024-27930 1 Glpi-project 1 Glpi 2025-01-02 6.5 Medium
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13.
CVE-2023-38174 1 Microsoft 1 Edge Chromium 2025-01-01 4.3 Medium
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2023-36880 1 Microsoft 1 Edge Chromium 2025-01-01 4.8 Medium
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2023-35644 1 Microsoft 14 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 11 more 2025-01-01 7.8 High
Windows Sysmain Service Elevation of Privilege Vulnerability
CVE-2023-35633 1 Microsoft 6 Windows 10 1507, Windows Server 2008, Windows Server 2008 R2 and 3 more 2025-01-01 7.8 High
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35618 1 Microsoft 1 Edge Chromium 2025-01-01 9.6 Critical
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2023-36878 1 Microsoft 1 Edge Chromium 2025-01-01 4.3 Medium
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-21751 1 Microsoft 1 Azure Devops Server 2025-01-01 6.5 Medium
Azure DevOps Server Spoofing Vulnerability
CVE-2023-35624 1 Microsoft 1 Azure Connected Machine Agent 2025-01-01 7.3 High
Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2023-35621 1 Microsoft 1 Dynamics 365 2025-01-01 7.5 High
Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability
CVE-2023-35619 1 Microsoft 1 Office Long Term Servicing Channel 2025-01-01 5.3 Medium
Microsoft Outlook for Mac Spoofing Vulnerability
CVE-2023-35636 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-01-01 6.5 Medium
Microsoft Outlook Information Disclosure Vulnerability
CVE-2023-35634 1 Microsoft 6 Windows 11 21h2, Windows 11 21h2, Windows 11 22h2 and 3 more 2025-01-01 8 High
Windows Bluetooth Driver Remote Code Execution Vulnerability
CVE-2023-35632 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-01-01 7.8 High
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2023-35631 1 Microsoft 8 Windows 11 21h2, Windows 11 21h2, Windows 11 22h2 and 5 more 2025-01-01 7.8 High
Win32k Elevation of Privilege Vulnerability