1266 matches found

Positive Technologies
added 2026/06/04 12:0 a.m. | 16 views

PT-2026-46786

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

AI score: 5.8 | EPSS: 0.00182
Exploits: 0 | References: 3

Positive Technologies
added 2026/06/04 12:0 a.m. | 12 views

PT-2026-46803

Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. Chromium security severity: Low...

AI score: 5.8 | EPSS: 0.0008
Exploits: 0 | References: 3

IBM Security Bulletins
added 2026/06/02 8:49 a.m. | 15 views

Security Bulletin: Multiple vulnerabilities in IBM Security QRadar EDR Software

Summary: Multiple vulnerabilities were addressed in IBM Security QRadar EDR Software version 3.12.25. Vulnerability Details: CVEID: CVE-2026-30951. DESCRIPTION: Sequelize is a Node.js ORM tool. Prior to 6.37.8, there is SQL injection via unescaped cast type in JSON/JSONB where clause processing. The...

CVSS: 8.7 | AI score: 7.5 | EPSS: 0.02228
Exploits: 9 | Affected Software: 1

Google Chrome Security Advisories
added 2026/06/02 12:0 a.m. | 9 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 149 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 149.0.7827.53 (Linux) 149.0.7827.53/54 (Windows/Mac) contains a number of fixes and improvements -- a list of changes is availab...

CVSS: 9.6 | AI score: 6 | EPSS: 0.00493
Exploits: 0 | Affected Software: 1

CNNVD
added 2026/06/02 12:0 a.m. | 8 views

Google Chrome Resource Management Error Vulnerability

Google Chrome is a web browser developed by Google Inc. in the United States. Payments is one of the payment components included in Google Chrome. Blink is a browser rendering engine developed jointly by Google Inc. and Opera Software AB in Norway. V8 is an open-source JavaScript engine used in...

CVSS: 8.8 | AI score: 5.5 | EPSS: 0.00183
Exploits: 0 | References: 3

CNNVD
added 2026/06/02 12:0 a.m. | 6 views

Google Chrome Resource Management Error Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Cast Streaming component’s ability to reuse resources after they were released, potentially allowing attacker...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.00187
Exploits: 0 | References: 3

CNNVD
added 2026/06/02 12:0 a.m. | 7 views

Google Chrome Input Validation Error Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of non-trusted inputs in Cast. A remote attacker could exploit this vulnerabilit...

CVSS: 6.5 | AI score: 5.4 | EPSS: 0.00209
Exploits: 0 | References: 3

CNNVD
added 2026/06/02 12:0 a.m. | 7 views

Google Chrome Security Vulnerability

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from insufficient validation of untrusted inputs by the Cast component...

CVSS: 8 | AI score: 5.2 | EPSS: 0.00112
Exploits: 0 | References: 3

Positive Technologies
added 2026/06/02 12:0 a.m. | 14 views

PT-2026-46455

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: A use after free issue exists in the Cast component. This allows an attacker located on the same local network segment to execute arbitrary code by sending malicious network traffic...

CVSS: 9.6 | AI score: 6.3 | EPSS: 0.00985
Exploits: 0 | References: 434

Positive Technologies
added 2026/06/02 12:0 a.m. | 13 views

PT-2026-46417

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: A use after free issue exists in Cast Streaming. This allows an attacker located on the same local network segment to execute arbitrary code by sending malicious network traffic. Use...

CVSS: 9.6 | AI score: 6.3 | EPSS: 0.00985
Exploits: 0 | References: 435

Positive Technologies
added 2026/06/02 12:0 a.m. | 9 views

PT-2026-46597

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: Insufficient validation of untrusted input in the Cast component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document o...

CVSS: 9.6 | AI score: 5.8 | EPSS: 0.00411
Exploits: 0 | References: 437

Positive Technologies
added 2026/06/02 12:0 a.m. | 10 views

PT-2026-46419

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 149.0.7827.53. Description: A use after free issue in Cast allows an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Use after free is a condition where ...

CVSS: 9.6 | AI score: 5.8 | EPSS: 0.00985
Exploits: 0 | References: 435

Tenable Nessus
added 2026/05/29 12:0 a.m. | 11 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-46597)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-46597 advisory. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM pack...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00359
Exploits: 0 | References: 1

SUSE CVE
added 2026/05/28 3:54 a.m. | 13 views

SUSE CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check. nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) but reloc_bo_offset is u32 (uapi/drm/nouveau_drm.h) and the integer litera...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00129
Exploits: 0 | References: 3

NVD
added 2026/05/27 2:17 p.m. | 8 views

CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check. nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) but reloc_bo_offset is u32 (uapi/drm/nouveau_drm.h) and the integer litera...

CVSS: 7.8 | EPSS: 0.00129
Exploits: 0 | References: 8

OSV
added 2026/05/27 2:17 p.m. | 4 views

UBUNTU-CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check. nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) but reloc_bo_offset is u32 (uapi/drm/nouveau_drm.h) and the integer litera...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00129
Exploits: 0 | References: 3

ATTACKERKB
added 2026/05/27 12:56 p.m. | 3 views

CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check. nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) but reloc_bo_offset is u32 (uapi/drm/nouveau_drm.h) and the integer litera...

CVSS: 7.8 | AI score: 6.2 | EPSS: 0.00129
Exploits: 0 | References: 9 | Affected Software: 1

Cvelist
added 2026/05/27 12:56 p.m. | 44 views

CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check. nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) but reloc_bo_offset is u32 (uapi/drm/nouveau_drm.h) and the integer litera...

CVSS: 7.8 | EPSS: 0.00129
Exploits: 0 | References: 8

CVE
added 2026/05/27 12:56 p.m. | 23 views

CVE-2026-46006

The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00129
Exploits: 0 | References: 8 | Affected Software: 1

OSV
added 2026/05/22 4:16 a.m. | 5 views

UBUNTU-CVE-2026-46598

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00313
Exploits: 0 | References: 6