Lucene search
K

179 matches found

OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-14085

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14017

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.2 views

DEBIAN-CVE-2026-13826

Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.2 views

DEBIAN-CVE-2026-13776

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.8CVSS5.8AI score0.00343EPSS
Exploits0References1
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

DEBIAN-CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

6.3CVSS5.8AI score0.00202EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 10:17 p.m.2 views

DEBIAN-CVE-2026-6092

When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...

5.3CVSS5.7AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 11:16 p.m.7 views

DEBIAN-CVE-2026-46373

SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive nesting to any...

7.5CVSS5.5AI score0.00263EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 12:16 a.m.9 views

DEBIAN-CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 12:16 a.m.9 views

DEBIAN-CVE-2026-11634

Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.5AI score0.00252EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11126

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.4AI score0.00142EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-11079

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00216EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:16 p.m.6 views

DEBIAN-CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References1
OSV
OSV
added 2026/06/03 8:16 p.m.11 views

DEBIAN-CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.3CVSS5.4AI score0.00214EPSS
Exploits1References1
OSV
OSV
added 2026/05/31 11:16 p.m.4 views

DEBIAN-CVE-2026-10200

A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing a manipulation results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit has bee...

4.8CVSS5.9AI score0.00124EPSS
Exploits0References1
OSV
OSV
added 2026/05/28 11:16 p.m.12 views

DEBIAN-CVE-2026-9987

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

7.8CVSS6.2AI score0.00099EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 2:17 p.m.7 views

DEBIAN-CVE-2026-8391

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

5.3CVSS5.8AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 7:16 p.m.3 views

DEBIAN-CVE-2026-7997

Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

7.8CVSS5.8AI score0.0008EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 4:16 p.m.8 views

DEBIAN-CVE-2025-70071

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

5.9CVSS5.8AI score0.00523EPSS
Exploits0References1
OSV
OSV
added 2026/04/13 3:17 p.m.4 views

DEBIAN-CVE-2026-30999

A heap buffer overflow in the avbprintfinalize function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS6AI score0.00452EPSS
Exploits1References1
OSV
OSV
added 2026/04/10 7:16 p.m.4 views

DEBIAN-CVE-2026-3446

When calling base64.b64decode or related functions the decoding process would stop after encountering the first padded quad regardless of whether there was more information to be processed. This can lead to data being accepted which may be processed differently by other implementations. Use...

6CVSS5.2AI score0.00188EPSS
Exploits0References1
Rows per page
Query Builder