CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

97 matches found

Chromium: CVE-2026-11161 Insufficient data validation in DataTransfer

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.4AI score0.00012EPSS

Exploits0

Debian CVE•added 2026/05/06 6:12 p.m.•3 views

CVE-2026-7915

Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00009EPSS

Exploits0

Positive Technologies•added 2026/02/10 12:0 a.m.•2 views

PT-2026-7251

Name of the Vulnerable Software and Affected Versions NX versions prior to 2512 Description The application contains a data validation issue that may allow an attacker with local access to manipulate internal data during the PDF export process. This could potentially lead to arbitrary code...

7.8CVSS5.8AI score0.00007EPSS

Exploits0References6

Positive Technologies•added 2026/01/28 12:0 a.m.•3 views

PT-2026-5103

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

8.2CVSS5.9AI score0.00033EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:32 p.m.•5 views

CVE-2023-4369

Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.1AI score0.00081EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:29 a.m.•5 views

CVE-2021-27488

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. This could result in an out-of-bounds write past the end of an allocated structure. An...

7.8CVSS7.2AI score0.00404EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:21 a.m.•4 views

CVE-2021-22804

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause disclosure of arbitrary files being read in the context of the user running IGSS, due to missing validation of user supplied data in network messages. Affected Product: Interactive Graphica...

7.5CVSS6.7AI score0.0049EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:50 a.m.•8 views

CVE-2021-31490

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.00477EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:40 a.m.•5 views

CVE-2022-35870

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

8.8CVSS7.5AI score0.19374EPSS

Exploits0References1