Lucene search
K

739 matches found

RedhatCVE
RedhatCVE
added 2026/05/08 10:38 p.m.9 views

CVE-2026-7989

An insufficient data validation flaw was found in the DataTransfer component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498765082...

9CVSS5.7AI score0.00163EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/08 2:25 a.m.16 views

SUSE CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.9AI score0.00163EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.9 views

Chromium: CVE-2026-7989 Insufficient data validation in DataTransfer

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.2CVSS5.8AI score0.00163EPSS
Exploits0
EUVD
EUVD
added 2026/05/06 9:31 p.m.6 views

EUVD-2026-28081

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/06 7:16 p.m.9 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.9AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 6:13 p.m.7 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00163EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:13 p.m.28 views

CVE-2026-7989

CVE-2026-7989 affects Google Chrome versions prior to 148.0.7778.96 due to insufficient data validation in DataTransfer within the renderer. A remote attacker who has compromised the renderer process could trigger arbitrary read/write via a crafted HTML page. The issue is documented across multip...

4.2CVSS6AI score0.00163EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:13 p.m.43 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

0.00163EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:13 p.m.8 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 6:13 p.m.9 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/06 6:13 p.m.8 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient data validation in the DataTransfer mechanism, which could allow remote attackers to execute...

4.2CVSS6.1AI score0.00163EPSS
Exploits0References3
NVD
NVD
added 2026/05/01 5:16 p.m.8 views

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

7.5CVSS0.00268EPSS
Exploits0References1
NVD
NVD
added 2026/05/01 5:16 p.m.5 views

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS0.0022EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 12:0 a.m.6 views

EUVD-2026-26687

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

9.8CVSS5.9AI score0.00416EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.3 views

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS5.9AI score0.0022EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 12:0 a.m.9 views

CVE-2026-37534

CVE-2026-37534 describes an integer underflow in Open-SAE-J1939 (Open-SAE-J1939_Read_Transport_Protocol_Data_Transfer) triggered by a crafted CAN frame sequence number, allowing an attacker to write to arbitrary memory. Affected component is SAE_J1939_Read_Transport_Protocol_Data_Transfer; root c...

9.8CVSS5.9AI score0.00416EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.3 views

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS5.9AI score0.0022EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Open SAE J1939 输入验证错误漏洞

Open SAE J1939 is a CAN bus communication protocol library for industrial vehicles by Daniel Mårtensson, a private developer. Open SAE J1939 suffers from an input validation error vulnerability that stems from an integer underflow in the transport protocol data transfer processing resulting in an...

8.1CVSS5.8AI score0.0022EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.3 views

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References2
Rows per page
Query Builder