CVE-2025-27244

CVE-2025-27244

Título es
CVE-2025-27244

Mié, 02/04/2025 – 04:15

Tipo
CWE-201

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-27244

Descripción en
AssetView and AssetView CLOUD contain an issue with acquiring sensitive information from sent data to the developer. If exploited, sensitive information may be obtained by a remote unauthenticated attacker.

02/04/2025
02/04/2025
Vector CVSS:3.1
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)
5.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

  • https://jvn.jp/en/jp/JVN26321838/

  • https://www.hammock.jp/assetview/info/250325.html

    • Enviar en el boletín
    Off

    CVE-2025-3066

    CVE-2025-3066

    Título es
    CVE-2025-3066

    Mié, 02/04/2025 – 01:15

    Tipo
    CWE-416

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3066

    Descripción en
    Use after free in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/405140652

    • Enviar en el boletín
    Off

    CVE-2025-29982

    CVE-2025-29982

    Título es
    CVE-2025-29982

    Mié, 02/04/2025 – 01:15

    Tipo
    CWE-277

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-29982

    Descripción en
    Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

    02/04/2025
    02/04/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.80

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://www.dell.com/support/kbdoc/en-us/000296515/dsa-2025-135

    • Enviar en el boletín
    Off

    CVE-2025-3074

    CVE-2025-3074

    Título es
    CVE-2025-3074

    Mié, 02/04/2025 – 01:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3074

    Descripción en
    Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/392818696

    • Enviar en el boletín
    Off

    CVE-2025-3073

    CVE-2025-3073

    Título es
    CVE-2025-3073

    Mié, 02/04/2025 – 01:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3073

    Descripción en
    Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/388680893

    • Enviar en el boletín
    Off

    CVE-2025-3072

    CVE-2025-3072

    Título es
    CVE-2025-3072

    Mié, 02/04/2025 – 01:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3072

    Descripción en
    Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/362545037

    • Enviar en el boletín
    Off

    CVE-2025-3071

    CVE-2025-3071

    Título es
    CVE-2025-3071

    Mié, 02/04/2025 – 01:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3071

    Descripción en
    Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/40051596

    • Enviar en el boletín
    Off

    CVE-2025-3070

    CVE-2025-3070

    Título es
    CVE-2025-3070

    Mié, 02/04/2025 – 01:15

    Tipo
    CWE-20

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3070

    Descripción en
    Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/40086360

    • Enviar en el boletín
    Off

    CVE-2025-3068

    CVE-2025-3068

    Título es
    CVE-2025-3068

    Mié, 02/04/2025 – 01:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3068

    Descripción en
    Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/401823929

    • Enviar en el boletín
    Off

    CVE-2025-3069

    CVE-2025-3069

    Título es
    CVE-2025-3069

    Mié, 02/04/2025 – 01:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-3069

    Descripción en
    Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

    02/04/2025
    02/04/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html

  • https://issues.chromium.org/issues/40060076

    • Enviar en el boletín
    Off