| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) |
| Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low) |
| Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interaction. |
| Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Origin validation error in Windows Network Address Translation (NAT) allows an unauthorized attacker to perform spoofing over an adjacent network. |
| Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. |
| Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. |
| Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network. |
| Out-of-bounds read in Windows Print Spooler Components allows an authorized attacker to disclose information locally. |
| Stack-based buffer overflow in Windows File History Service allows an authorized attacker to elevate privileges locally. |
| Use of uninitialized resource in Windows File Explorer allows an unauthorized attacker to disclose information locally. |
| Integer overflow or wraparound in Windows Remote Access Service Infrastructure allows an authorized attacker to elevate privileges over a network. |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows NTFS allows an authorized attacker to elevate privileges locally. |
| Null pointer dereference in Windows SMB Server allows an authorized attacker to deny service over a network. |
| Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network. |