CVE-2006-6834

CVE-2006-6834 - Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." ...
14 years ago

CVE-2008-6834 - Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads ...
8 years ago

CVE-2016-9936 - The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability ...
7 years ago

CVE-2013-6834 - The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. ...
11 years ago

CVE-2014-6834 - The Instaroid - Instagram Viewer (aka net.muik.instaroid) application 1.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ...
11 years ago

CVE-2015-6834 - Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) ...
8 years ago

CVE-2018-6834 - static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href. ...
7 years ago

CVE-2017-6834 - Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file. ...
4 years ago

CVE-2019-6834 - A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker to execute arbitrary code on the targeted system with SYSTEM privileges when placing a malicious user to be authenticated for this vulnerability to be ...
3 years ago

CVE-2016-6834 - The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment ...
2 years ago

CVE-2025-0448 - Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) ...
1 year ago Tenable.com

CVE-2025-0447 - Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) ...
1 year ago Tenable.com

CVE-2025-0446 - Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: ...
1 year ago Tenable.com

CVE-2025-0443 - Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: ...
1 year ago Tenable.com

CVE-2025-0442 - Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) ...
1 year ago Tenable.com

CVE-2025-0441 - Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium) ...
1 year ago Tenable.com

CVE-2025-0440 - Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) ...
1 year ago Tenable.com

CVE-2025-0439 - Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) ...
1 year ago Tenable.com

CVE-2025-0438 - Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com

CVE-2025-0437 - Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com

CVE-2025-0436 - Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com

CVE-2025-0435 - Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com

CVE-2025-0434 - Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com

CVE-2025-0612 - Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com

CVE-2025-0611 - Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) ...
1 year ago Tenable.com