| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
| Memory corruption during concurrent buffer access due to modification of the reference count. |
| Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
| Memory corruption while encoding JPEG format. |
| Memory corruption during array access in Camera kernel due to invalid index from invalid command data. |
| In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. |
| Memory corruption Camera kernel when large number of devices are attached through userspace. |
| Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
| Memory corruption while prociesing command buffer buffer in OPE module. |
| Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. |
| Memory corruption while acquire and update IOCTLs during IFE output resource ID validation. |
| Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. |
| Memory corruption while reading secure file. |
| Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. |
| Memory corruption while triggering commands in the PlayReady Trusted application. |
| In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution. |
