Lucene search
K

1272 matches found

Debian CVE
Debian CVE
added 2026/04/28 10:36 p.m.5 views

CVE-2026-7338

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

7.5CVSS5.4AI score0.00134EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/28 10:36 p.m.35 views

CVE-2026-7338

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

0.00134EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/28 10:36 p.m.5 views

CVE-2026-7349

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

5.8AI score0.00136EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/28 10:36 p.m.19 views

CVE-2026-7349

CVE-2026-7349 is a use-after-free in the Cast component of Google Chrome prior to version 147.0.7727.138 . An attacker on the local network segment could trigger the flaw via malicious network traffic to execute arbitrary code inside the browser sandbox. The vulnerability is listed with high seve...

7.5CVSS5.9AI score0.00136EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/28 10:36 p.m.4 views

CVE-2026-7349

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

5.8AI score0.00136EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/28 10:36 p.m.4 views

EUVD-2026-26175

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

5.8AI score0.00136EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/28 10:36 p.m.3 views

CVE-2026-7349

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

7.5CVSS5.9AI score0.00136EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/28 10:36 p.m.34 views

CVE-2026-7349

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

0.00136EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/28 10:36 p.m.8 views

CVE-2026-7349

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...

7.5CVSS5.9AI score0.00136EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.6 views

PT-2026-35838

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue in Cast allows an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Use after free is a memory corrupti...

9.6CVSS6AI score0.00433EPSS
Exploits0References37
Kaspersky
Kaspersky
added 2026/04/28 12:0 a.m.12 views

KLA91010 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Canvas can be exploited remotely to execute arbitrar...

9.6CVSS6.8AI score0.00433EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 147.0.7727.138, there was a resource management vulnerability that stemmed from the reuse of Cast components after their release. This vulnerability could allow attackers on the local network to exploit heap corruption...

7.5CVSS5.8AI score0.00134EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Cast components after their release, which could allow attackers on the local network to execute...

7.5CVSS6.2AI score0.00136EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/04/27 12:0 a.m.158 views

📄 Sequelize 6.37.7 SQL Injection

A remote SQL injection vulnerability exists Sequelize versions 6.37.7 and below in the JSON/JSONB where clause processing. When Sequelize parses a JSON path key containing ::, the value after :: is treated as a SQL cast type and is inserted into the generated SQL without proper validation. If an...

7.5CVSS5.8AI score0.00422EPSS
Exploits2
RustSec
RustSec
added 2026/04/24 12:0 p.m.11 views

Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend

Diesel allows users to output the generated SQL for any query DSL construct via th diesel::debugquery function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...

5.9AI score
Exploits0Affected Software1
NVD
NVD
added 2026/04/22 2:16 p.m.4 views

CVE-2026-31525

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

7.8CVSS0.00129EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-34430

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6 Linux kernel versions prior to 6.12 Linux kernel versions prior to 6.18 Linux kernel versions prior to 6.19 Description A mismatch between the BPF verifier and the BPF interpreter in the Linux kernel allows f...

7.8CVSS5.5AI score0.00378EPSS
Exploits0References119
CVE
CVE
added 2026/04/21 1:33 a.m.32 views

CVE-2026-40250

OpenEXR CVE-2026-40250 affects multiple release series (3.4.0–3.4.9, 3.3.0–3.3.9, 3.2.0–3.2.7) where internal_dwa_compressor.h:1040 computes chan->width * chan->bytes_per_element using int32 arithmetic without a size_t cast, enabling an integer overflow in the DWA decoder outBufferEnd point...

8.4CVSS5.8AI score0.0045EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 1:30 a.m.6 views

CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.8AI score0.00427EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/21 1:30 a.m.49 views

CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS0.00427EPSS
Exploits0References4
Rows per page
Query Builder