| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'podlove_handle_cache_files' function in all versions up to, and including, 4.5.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. |
| Soup Sieve is a CSS selector library designed to be used with Beautiful Soup 4. Prior to 2.8.4, the CSS selector parser in soupsieve contains a regular expression vulnerable to catastrophic backtracking when processing an attribute selector with an unterminated quoted value in soupsieve/css_parser.py, allowing an attacker who can supply untrusted CSS selector strings to soupsieve.compile() or Beautiful Soup .select() / .select_one() to cause CPU exhaustion and denial of service. This issue is fixed in version 2.8.4. |
| Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) |
| Use after free in Core in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| Symfony Polyfill backports PHP features and provides compatibility layers for extensions and functions. From 1.17.1 until 1.38.1, symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload is empty or decodes to ASCII-only code points because Idn::process() does not enforce the UTS #46 revision 33 requirement that decoded ACE labels contain at least one non-ASCII code point. Originally unequal domain names can be regarded as equal, which can lead to blacklist bypassing, inconsistent URL parsing, and server-side request forgery in applications using the polyfill to canonicalise or compare hostnames. This issue is fixed in version 1.38.1. |
| 7-Zip for Windows through 26.01 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched and NTFS canonicalizes it to the same stream, overwriting the propagated Internet-zone marker with ZoneId=0. A second STM record named '::$DATA' overwrites the extracted file's default data stream, letting an attacker defeat SmartScreen/MotW warnings and spoof file content. |
| Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. |
| Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. |
| Heap-based buffer overflow in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network. |
| Loop with unreachable exit condition ('infinite loop') in Windows Active Directory allows an unauthorized attacker to deny service over a network. |
| Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network. |
| Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network. |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. |
| Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network. |
| Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network. |
| Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network. |
| Use after free in Windows Virtual Filtering Platform (VFP) allows an authorized attacker to deny service over a network. |