Lucene search
K

1272 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/20 12:0 a.m.6 views

Fedora 43 : chromium (2026-d3c82235d4)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d3c82235d4 advisory. Update to 147.0.7727.101 Critical CVE-2026-6296: Heap buffer overflow in ANGLE Critical CVE-2026-6297: Use after free in Proxy Critical CVE-2026-629...

9.6CVSS6.1AI score0.00372EPSS
Exploits2References32
Microsoft CVE
Microsoft CVE
added 2026/04/17 2:0 p.m.6 views

Chromium: CVE-2026-6317 Use after free in Cast

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.7AI score0.00341EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/17 12:4 p.m.7 views

SUSE CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00341EPSS
Exploits0References3
CNVD
CNVD
added 2026/04/16 12:0 a.m.7 views

Google Chrome Cast Memory Misreference Vulnerability

Google Chrome is a web browser developed by Google. Google Chrome suffers from a memory misreference vulnerability. The vulnerability stems from a failure of the Cast component to properly handle memory objects and can be exploited by an attacker to execute arbitrary code via a specially crafted...

8.8CVSS6.2AI score0.00341EPSS
Exploits0
EUVD
EUVD
added 2026/04/15 9:30 p.m.4 views

EUVD-2026-23076

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00341EPSS
Exploits0References3
NVD
NVD
added 2026/04/15 8:16 p.m.4 views

CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00341EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/15 7:4 p.m.17 views

CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00341EPSS
Exploits0References2
CVE
CVE
added 2026/04/15 7:4 p.m.13 views

CVE-2026-6317

CVE-2026-6317: Use-after-free in the Cast component of Google Chrome prior to 147.0.7727.101 allows a remote attacker to execute arbitrary code via a crafted HTML page. Impact is high; upgrade to Chrome 147.0.7727.101 or later to mitigate. No exploitation details are provided in the documents.

8.8CVSS6.2AI score0.00341EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/15 7:4 p.m.5 views

CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00341EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/15 7:4 p.m.5 views

CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00341EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/15 7:4 p.m.2 views

CVE-2026-6317

Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00341EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. Google Chrome suffers from a memory misreference vulnerability. The vulnerability stems from a failure of the Cast component to properly handle memory objects and can be exploited by an attacker to execute arbitrary code via a specially crafted...

8.8CVSS6.2AI score0.00341EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/04/08 1:18 p.m.43 views

curl: libcurl: Integer truncation in curl_easy_ssls_import() causes TLS sessions to never expire

Summary: curleasysslsimport deserializes a TLS session blob and stores it in the in-memory session cache. In Curlsslsessionunpack lib/vtls/vtlsspack.c:311, the validuntil field is read as uint64t and cast directly to curlofft int64t with no bounds check — so a crafted blob encoding validuntil =...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.3 views

PT-2026-33155

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A use after free issue in Cast allows a remote attacker to execute arbitrary code via a crafted HTML page. Use after free is a memory corruption flaw that occurs when an application...

10CVSS6.2AI score0.00372EPSS
Exploits2References39
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-35849

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue in Cast allows an attacker on the local network segment to execute arbitrary code inside a sandbox by sending malicious network traffic. Use after free is a memo...

9.6CVSS6.4AI score0.00433EPSS
Exploits0References39
RedhatCVE
RedhatCVE
added 2026/04/03 11:1 p.m.3 views

CVE-2026-34593

Ash Framework is a declarative, extensible framework for building Elixir applications. Prior to version 3.22.0, Ash.Type.Module.castinput/2 unconditionally creates a new Erlang atom via Module.concatvalue for any user-supplied binary string that starts with "Elixir.", before verifying whether the...

8.2CVSS5.8AI score0.00423EPSS
Exploits1References1
NVD
NVD
added 2026/04/02 6:16 p.m.2 views

CVE-2026-34610

The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when storing the Common Name CN length. An attacker who crafts a certificate with CN = victim's CN +...

5.9CVSS0.00162EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.8 views

Ash Framework 资源管理错误漏洞

Ash Framework is an open-source framework used for building Elixir applications. Versions of Ash Framework prior to 3.22.0 contained a resource management vulnerability. This vulnerability stems from Ash.Type.Module.castinput/2, which “Elixir.”, thereby creating new Erlang atoms. This could lead ...

8.2CVSS5.8AI score0.00423EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/01 5:1 a.m.5 views

CVE-2026-30282

An arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 allows attackers to overwrite critical internal files via the file import process, leading to arbtrary code execution or information exposure...

9CVSS6.4AI score0.00376EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/31 6:31 p.m.3 views

EUVD-2026-17542

An arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 allows attackers to overwrite critical internal files via the file import process, leading to arbtrary code execution or information exposure...

9CVSS6.4AI score0.00376EPSS
Exploits0References5
Rows per page
Query Builder