1272 matches found
CVE-2026-7338
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...
CVE-2026-7338
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...
CVE-2026-7349
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
CVE-2026-7349
CVE-2026-7349 is a use-after-free in the Cast component of Google Chrome prior to version 147.0.7727.138 . An attacker on the local network segment could trigger the flaw via malicious network traffic to execute arbitrary code inside the browser sandbox. The vulnerability is listed with high seve...
CVE-2026-7349
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
EUVD-2026-26175
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
CVE-2026-7349
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
CVE-2026-7349
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
CVE-2026-7349
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: High...
PT-2026-35838
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue in Cast allows an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Use after free is a memory corrupti...
KLA91010 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Canvas can be exploited remotely to execute arbitrar...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 147.0.7727.138, there was a resource management vulnerability that stemmed from the reuse of Cast components after their release. This vulnerability could allow attackers on the local network to exploit heap corruption...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Cast components after their release, which could allow attackers on the local network to execute...
📄 Sequelize 6.37.7 SQL Injection
A remote SQL injection vulnerability exists Sequelize versions 6.37.7 and below in the JSON/JSONB where clause processing. When Sequelize parses a JSON path key containing ::, the value after :: is treated as a SQL cast type and is inserted into the generated SQL without proper validation. If an...
Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend
Diesel allows users to output the generated SQL for any query DSL construct via th diesel::debugquery function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...
CVE-2026-31525
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
PT-2026-34430
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6 Linux kernel versions prior to 6.12 Linux kernel versions prior to 6.18 Linux kernel versions prior to 6.19 Description A mismatch between the BPF verifier and the BPF interpreter in the Linux kernel allows f...
CVE-2026-40250
OpenEXR CVE-2026-40250 affects multiple release series (3.4.0–3.4.9, 3.3.0–3.3.9, 3.2.0–3.2.7) where internal_dwa_compressor.h:1040 computes chan->width * chan->bytes_per_element using int32 arithmetic without a size_t cast, enabling an integer overflow in the DWA decoder outBufferEnd point...
CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...
CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...