| 0 |
| url |
VCID-3194-1n1h-efd2 |
| vulnerability_id |
VCID-3194-1n1h-efd2 |
| summary |
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2, watchOS 11.4. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.). |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-24201
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3194-1n1h-efd2 |
|
| 1 |
| url |
VCID-518x-ten9-sfe3 |
| vulnerability_id |
VCID-518x-ten9-sfe3 |
| summary |
xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-55549
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-518x-ten9-sfe3 |
|
| 2 |
| url |
VCID-52g3-s35s-1kfd |
| vulnerability_id |
VCID-52g3-s35s-1kfd |
| summary |
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-2783
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-52g3-s35s-1kfd |
|
| 3 |
| url |
VCID-784x-3s4y-yfhz |
| vulnerability_id |
VCID-784x-3s4y-yfhz |
| summary |
Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0437
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-784x-3s4y-yfhz |
|
| 4 |
| url |
VCID-bf49-1ck1-5yb5 |
| vulnerability_id |
VCID-bf49-1ck1-5yb5 |
| summary |
Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-1919
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bf49-1ck1-5yb5 |
|
| 5 |
| url |
VCID-bt7a-eucw-gkbq |
| vulnerability_id |
VCID-bt7a-eucw-gkbq |
| summary |
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-24855
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
7.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bt7a-eucw-gkbq |
|
| 6 |
| url |
VCID-cpvf-r1hd-fuft |
| vulnerability_id |
VCID-cpvf-r1hd-fuft |
| summary |
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0443
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cpvf-r1hd-fuft |
|
| 7 |
| url |
VCID-cyc9-pwx3-afcn |
| vulnerability_id |
VCID-cyc9-pwx3-afcn |
| summary |
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-3071
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cyc9-pwx3-afcn |
|
| 8 |
|
| 9 |
| url |
VCID-g7zz-3cqc-r7fz |
| vulnerability_id |
VCID-g7zz-3cqc-r7fz |
| summary |
Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-2136
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g7zz-3cqc-r7fz |
|
| 10 |
| url |
VCID-gvma-xgh1-vyfq |
| vulnerability_id |
VCID-gvma-xgh1-vyfq |
| summary |
Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0762
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gvma-xgh1-vyfq |
|
| 11 |
| url |
VCID-gyfz-x4y6-q3ck |
| vulnerability_id |
VCID-gyfz-x4y6-q3ck |
| summary |
Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0999
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gyfz-x4y6-q3ck |
|
| 12 |
| url |
VCID-jv7j-g928-gygt |
| vulnerability_id |
VCID-jv7j-g928-gygt |
| summary |
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2024-11477
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jv7j-g928-gygt |
|
| 13 |
| url |
VCID-k32f-bxt1-eqc8 |
| vulnerability_id |
VCID-k32f-bxt1-eqc8 |
| summary |
Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-3619
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k32f-bxt1-eqc8 |
|
| 14 |
| url |
VCID-k8s4-aje7-47gk |
| vulnerability_id |
VCID-k8s4-aje7-47gk |
| summary |
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0436
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k8s4-aje7-47gk |
|
| 15 |
| url |
VCID-mt59-p1kw-8udw |
| vulnerability_id |
VCID-mt59-p1kw-8udw |
| summary |
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2024-12694
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mt59-p1kw-8udw |
|
| 16 |
| url |
VCID-q5tg-3vrn-ybgk |
| vulnerability_id |
VCID-q5tg-3vrn-ybgk |
| summary |
Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-1918
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q5tg-3vrn-ybgk |
|
| 17 |
| url |
VCID-qtaa-hk3f-s3ff |
| vulnerability_id |
VCID-qtaa-hk3f-s3ff |
| summary |
Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0996
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qtaa-hk3f-s3ff |
|
| 18 |
| url |
VCID-r94b-j67a-nke5 |
| vulnerability_id |
VCID-r94b-j67a-nke5 |
| summary |
Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-1921
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r94b-j67a-nke5 |
|
| 19 |
| url |
VCID-tc51-r1mp-myhy |
| vulnerability_id |
VCID-tc51-r1mp-myhy |
| summary |
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2024-12693
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tc51-r1mp-myhy |
|
| 20 |
| url |
VCID-txfy-tq7t-t3fz |
| vulnerability_id |
VCID-txfy-tq7t-t3fz |
| summary |
Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-1006
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-txfy-tq7t-t3fz |
|
| 21 |
| url |
VCID-u2mf-1wmy-eqhs |
| vulnerability_id |
VCID-u2mf-1wmy-eqhs |
| summary |
Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-1426
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u2mf-1wmy-eqhs |
|
| 22 |
| url |
VCID-xe6e-yjg8-s3fp |
| vulnerability_id |
VCID-xe6e-yjg8-s3fp |
| summary |
Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0611
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xe6e-yjg8-s3fp |
|
| 23 |
| url |
VCID-xfq3-vetb-kqf2 |
| vulnerability_id |
VCID-xfq3-vetb-kqf2 |
| summary |
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0438
|
| risk_score |
2.6 |
| exploitability |
0.5 |
| weighted_severity |
5.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xfq3-vetb-kqf2 |
|
| 24 |
| url |
VCID-ycdj-tgds-jfd7 |
| vulnerability_id |
VCID-ycdj-tgds-jfd7 |
| summary |
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium) |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-0441
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ycdj-tgds-jfd7 |
|