For individuals

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware allows requests to bypass CSRF checks. When the `security.checkOrigin`...

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration...

Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity:...

Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

An IDOR vulnerability in the edit-notes.php module of PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to modify notes belonging to other accounts due to missing...

An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing Management System v1.0 allows unauthorized users to delete notes belonging to other accounts due to missing...

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component.