| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low) |
| Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, disable BBCode for comments. |
| Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
| Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium) |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13.
|
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13. |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| Windows Sysmain Service Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| Azure DevOps Server Spoofing Vulnerability |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability |
| Microsoft Outlook for Mac Spoofing Vulnerability |
| Microsoft Outlook Information Disclosure Vulnerability |
| Windows Bluetooth Driver Remote Code Execution Vulnerability |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |