5

CVSS3.1

CVE-2022-40733 -

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot.…

πŸ“… Published: Dec. 18, 2024, 10:35 p.m. πŸ”„ Last Modified: Aug. 26, 2025, 4:09 p.m.

5

CVSS3.1

CVE-2022-40732 -

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot.…

πŸ“… Published: Dec. 18, 2024, 10:34 p.m. πŸ”„ Last Modified: Aug. 26, 2025, 4:11 p.m.

8.8

CVSS3.1

CVE-2024-12695 -

Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 3:15 p.m.

8.8

CVSS3.1

CVE-2024-12694 -

Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 3:14 p.m.

8

CVSS3.1

CVE-2024-12693 -

Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: March 13, 2025, 5:15 p.m.

8.8

CVSS3.1

CVE-2024-12692 -

Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 3:14 p.m.

5.9

CVSS3.1

CVE-2024-56140 - Bypass of CSRF Middleware in Astro

Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware allows requests to bypass CSRF checks. When the `security.checkOrigin` configuration option is set to `true`, Astro middleware will perform a CSRF check. However, a vulnerability e…

πŸ“… Published: Dec. 18, 2024, 8:41 p.m. πŸ”„ Last Modified: Nov. 25, 2025, 1:42 p.m.

5.3

CVSS3.1

CVE-2024-45338 - Non-linear parsing of case-insensitive content in golang.org/x/net/html

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

πŸ“… Published: Dec. 18, 2024, 8:38 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.3

CVSS4.0

CVE-2024-56145 - RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has `register_argc_argv` enabled. For these users an unspecified remote code execution vector is present…

πŸ“… Published: Dec. 18, 2024, 8:37 p.m. πŸ”„ Last Modified: Oct. 24, 2025, 2 p.m.

6.6

CVSS3.1

CVE-2024-12686 - Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

πŸ“… Published: Dec. 18, 2024, 8:23 p.m. πŸ”„ Last Modified: Oct. 24, 2025, 1:43 p.m.
Total resulsts: 349182
Page 7418 of 34,919
Β« previous page Β» next page
Filters