Lucene search
K

560 matches found

Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.10 views

CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.21 views

CVE-2026-7964

CVE-2026-7964 involves Chrome before 148.0.7778.96, where insufficient validation of untrusted input in the FileSystem component allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. The issue is rooted in inadequate input vali...

4.2CVSS6AI score0.00176EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.32 views

CVE-2026-7950

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

0.00171EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/05/06 6:12 p.m.9 views

CVE-2026-7950

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

5.4CVSS6AI score0.00171EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.58 views

CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

0.00153EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:12 p.m.7 views

CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

6AI score0.00153EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/06 6:12 p.m.25 views

CVE-2026-7912

CVE-2026-7912 refers to an integer overflow in the GPU component of Google Chrome on Android before 148.0.7778.96. The issue allows a remote attacker who has already compromised the renderer process to perform arbitrary read/write via a crafted HTML page, potentially impacting confidentiality and...

4.2CVSS6AI score0.00153EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.11 views

CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

6AI score0.00153EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

RHCOS 4 : OpenShift Container Platform 4.6.17 (RHSA-2021:0423)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0423 advisory. - ant: insecure temporary file vulnerability CVE-2020-1945 - ant: insecure temporary file CVE-2020-11979 - jenkins: Arbitrary file...

8CVSS6.8AI score0.08235EPSS
Exploits0References29
Cvelist
Cvelist
added 2026/05/05 11:25 a.m.40 views

CVE-2026-43533 OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags

OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended media storage boundary. Attackers can craft malicious reply text containing media tags to disclose arbitrary local files through...

8.9CVSS0.00369EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.17 views

PT-2026-38182

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient data validation in DataTransfer allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML page...

9.6CVSS6AI score0.00344EPSS
Exploits0References136
RedhatCVE
RedhatCVE
added 2026/05/01 8:48 p.m.7 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS5.9AI score0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/05/01 12:0 p.m.6 views

RUSTSEC-2026-0117 Fragile bounds check when sampling from image

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

5.9AI score
Exploits0References2
NVD
NVD
added 2026/04/30 9:16 p.m.16 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/30 8:8 p.m.5 views

CVE-2026-33451 Arbitrary read/write vulnerability in Windows clients prior to 14.50

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS5.9AI score0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 8:8 p.m.10 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS5.5AI score0.00104EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 8:8 p.m.5 views

EUVD-2026-26423

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS5.4AI score0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 8:8 p.m.14 views

CVE-2026-33451

CVE-2026-33451 : An arbitrary read/write vulnerability exists in the Secure Access Windows client prior to version 14.50. With local control of the Windows client, an attacker can send malformed data to a documented API and elevate privileges to SYSTEM. The connected documents confirm the affecte...

8.5CVSS5.4AI score0.00104EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/30 8:8 p.m.31 views

CVE-2026-33451 Arbitrary read/write vulnerability in Windows clients prior to 14.50

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 12:11 p.m.8 views

CVE-2024-13971

The CVE-2024-13971 item covers Lobster_pro’s XML parser vulnerability prior to version 4.12.6-GA. The issue allows unauthenticated attackers to read files on the application server and adjacent network shares and to issue HTTP GET requests to arbitrary services via XML External Entities handling....

7.7CVSS5.5AI score0.0047EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder