| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium) |
| Memory corruption when blob structure is modified by user-space after kernel verification. |
| Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
| Memory corruption during concurrent buffer access due to modification of the reference count. |
| Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
| Memory corruption while encoding JPEG format. |
| Memory corruption during array access in Camera kernel due to invalid index from invalid command data. |
| In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. |
| Memory corruption Camera kernel when large number of devices are attached through userspace. |
| Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
| Memory corruption while prociesing command buffer buffer in OPE module. |
| Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information. |
| Memory corruption while acquire and update IOCTLs during IFE output resource ID validation. |
| Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check. |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. |
| Memory corruption while reading secure file. |
| Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. |
| Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. |
