CVE-2026-8531 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-8531

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-8531

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-8531

creationtimestamp| type| source ---|---|--- 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 2026-05-15 09:00:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mluxsbkknb2r 2026-05-17 18:00:00+00:00|...

Linux Distros Unpatched Vulnerability : CVE-2026-8531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted...

CVE-2026-5785 SQL Injection

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

ZOHO ManageEngine Password Manager Pro和ZOHO ManageEngine PAM360 安全漏洞

ZOHO ManageEngine Password Manager Pro and ZOHO ManageEngine PAM360 are both products of ZOHO Corporation in the United States. ZOHO ManageEngine Password Manager Pro is a password manager. ZOHO ManageEngine PAM360 is a complete PAM software solution. It provides full privilege access security fo...

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287

Updated October 29, 2025 : CISA has updated this Alert to include revised information on vulnerable product identification, potential threat activity detections, and additional resources. Microsoft released an update to address a critical remote code execution vulnerability impacting Windows Serv...

Exploit for CVE-2025-59287

wsus-decoy Defensive proof of concept decoy for CVE-2025-5928...

CVE-2025-8531

creationtimestamp| type| source ---|---|--- 2025-09-19 10:52:07+00:00| seen| https://bsky.app/profile/potato.software/post/3lz6p3gsiww2y 2025-09-19 11:17:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lz6qjbfyrf2m 2025-09-23 10:00:00+00:00| seen|...

MAL-2025-8531 Malicious code in @malware-test-butyl-fiscs-absey-death/test-mlw3-butyl-fiscs-absey-death (npm)

The package @malware-test-butyl-fiscs-absey-death/test-mlw3-butyl-fiscs-absey-death was found to contain malicious code...

CVE-2019-8531

A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be truste...

CVE-2024-8531

CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root...

CVE-2024-8531

Summary: CVE-2024-8531 affects Schneider Electric EcoStruxure Data Center Expert. The flaw is improper verification of cryptographic signatures in upgrade bundles, allowing manipulation with arbitrary bash scripts that can be executed with root privileges (remote code execution). Affected product...

CVE-2024-8531

CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root...

CVE-2019-8531

CVE-2019-8531 is a validation issue in Apple’s Trust Anchor Management that could allow an untrusted radius server certificate to be trusted. The issue has a fixed validation pathway and patches were released across multiple Apple platforms: watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019...

CVE-2018-8531

Azure IoT Hub Device Client SDK (MQTT) has a remote code execution vulnerability due to memory access/corruption in the SDK, affecting the Hub Device Client SDK and Azure IoT Edge. The underlying issue is memory corruption in how in-memory objects are accessed, enabling arbitrary code execution u...

Security Bulletin: A cross-site scripting vulnerability has been identified in IBM Security Access Manager for Web (CVE-2015-8531)

Summary IBM Security Access Manager for Web is vulnerable to cross-site scripting attacks that could be used to steal the victim's authentication credentials. Vulnerability Details CVEID: CVE-2015-8531 DESCRIPTION: IBM Security Access Manager for Web is vulnerable to cross-site scripting, caused ...

Information disclosure

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Windows Graphics Information Disclosure Vulnerability". This...

Information disclosure

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Windows Graphics Information Disclosure Vulnerability". This...