Lucene search
K

483 matches found

Cvelist
Cvelist
added 2026/04/08 9:21 p.m.18 views

CVE-2026-5907

Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. Chromium security severity: Low...

0.00189EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 9:21 p.m.19 views

CVE-2026-5908

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

0.00195EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/04/08 9:21 p.m.7 views

CVE-2026-5908

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS5.9AI score0.00195EPSS
Exploits0
Snyk
Snyk
added 2026/04/06 9:16 a.m.3 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the aviparseinputfile process. An attacker can cause application crashes or leak sensitive information from memory by convincing a user to open a specially crafted AVI file containing a truncated header sub-chunk...

7.1CVSS5.8AI score0.00178EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-27784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGIN...

8.5CVSS5.8AI score0.01031EPSS
Exploits0References2
OSV
OSV
added 2026/03/24 3:16 p.m.4 views

ALPINE-CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS6.1AI score0.00918EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/03/24 2:13 p.m.1 views

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS6.1AI score0.00918EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/22 1:38 p.m.1 views

CVE-2019-25617

Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter...

6.9CVSS6AI score0.00127EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.6 views

PT-2026-31528

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description An integer overflow exists in the Media browser component of Google Chrome. Successful exploitation could allow a remote attacker to cause a denial-of-service through a specially crafte...

10CVSS5.8AI score0.00608EPSS
Exploits0References69
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.5 views

PT-2026-31526

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description An integer overflow issue exists in the Media component of Google Chrome. Successful exploitation of this issue could allow a remote attacker to cause a denial-of-service through a...

10CVSS5.8AI score0.00608EPSS
Exploits0References65
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.11 views

CVE-2022-27492

An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file...

7.8CVSS7.7AI score0.00511EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.3 views

CVE-2025-65406

A heap overflow in the MatroskaFile::createRTPSinkForTrackNumber function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service DoS via supplying a crafted MKV file...

6.6AI score0.00277EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/11/11 1:56 p.m.7 views

CVE-2025-11460

Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. Chromium security severity: High...

8.8CVSS9AI score0.00314EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.3 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

6.3CVSS8.3AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 10:26 p.m.11 views

CVE-2025-11460

Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. Chromium security severity: High...

0.00314EPSS
Exploits1References2
NVD
NVD
added 2025/11/06 10:15 p.m.3 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

6.3CVSS0.00222EPSS
Exploits0References2
OSV
OSV
added 2025/11/06 10:15 p.m.4 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

6.3CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2025/11/06 10:8 p.m.9 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

0.00222EPSS
Exploits0References2
CVE
CVE
added 2025/11/06 10:8 p.m.27 views

CVE-2025-11216

CVE-2025-11216: In Google Chrome on Mac, prior to Chromium 141.0.7390.54, an inappropriate Storage implementation allows a remote attacker to spoof domains via a crafted video file. Affected: Chrome/Chromium (Mac). Root cause: Storage handling flaw as described in the CVE. Impact: domain spoofing...

6.3CVSS5.8AI score0.00222EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2025/11/06 10:8 p.m.4 views

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

6.3CVSS8.2AI score0.00222EPSS
Exploits0
Rows per page
Query Builder