Lucene search
K

27 matches found

Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25743

microsoftupdate securityupdate Edge Microsoft Edge Stable Channel Version 146.0.3856.59 ・CVE-2025-0385 ・CVE-2026-3910 「The Chromium team reported that CVE-2026-3910 has an exploit in the wild, and this update contains a fix for it.」...

8.8CVSS5.8AI score0.02EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/03/14 5:11 a.m.17 views

Chromium: CVE-2026-3910 Inappropriate implementation in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2026-3910 exists in the wild...

8.8CVSS6.1AI score0.02EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2026/03/09 10:59 p.m.13 views

About Remote Code Execution – Windows Shell (CVE-2026-21510) vulnerability

About Remote Code Execution - Windows Shell CVE-2026-21510 vulnerability. A vulnerability from the February Microsoft Patch Tuesday. The Windows Shell is the primary interface through which users interact with the Windows operating system. It includes visible elements such as the Desktop, Taskbar...

8.8CVSS6.6AI score0.25835EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
added 2026/01/14 5:13 a.m.18 views

Patch Tuesday - January 2026

Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code execution or elevation of...

7.8CVSS8.7AI score0.17312EPSS
Exploits6
OPENSUSE Linux
OPENSUSE Linux
added 2025/12/14 12:0 a.m.9 views

Security update for chromium (important)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20161-1 Rating: important References: bsc1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Leap 16.0...

6.1CVSS7.2AI score0.00272EPSS
Exploits0References1
Wiz blog
Wiz blog
added 2025/12/10 3:0 p.m.8 views

Gogs 0-Day Exploited in the Wild

Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-8110...

8.8CVSS7AI score0.7654EPSS
Exploits15
The Hacker News
The Hacker News
added 2025/11/18 4:44 a.m.26 views

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 CVSS score: 8.8, a type confusion vulnerability in the V8 JavaScript and WebAssembly...

9.8CVSS7.5AI score0.09185EPSS
Exploits16
Microsoft CVE
Microsoft CVE
added 2025/07/16 11:31 p.m.10 views

Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6558 exists in the wild...

8.8CVSS6.9AI score0.09185EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/02 12:0 a.m.9 views

Chromium: CVE-2025-6554 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6554 exists in the wild...

8.1CVSS6.9AI score0.06564EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.4 views

PT-2024-5630 · Microsoft · Windows Power Dependency Coordinator +1

Name of the Vulnerable Software and Affected Versions: Windows Power Dependency Coordinator affected versions not specified Description: The issue is related to the use of memory after it has been freed, which can allow an attacker to elevate their privileges. A successful exploit may allow for...

7.8CVSS8.5AI score0.01635EPSS
Exploits0References20
ATTACKERKB
ATTACKERKB
added 2024/07/01 12:0 a.m.103 views

CVE-2024-38475

Improper escaping of output in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure...

9.1CVSS7.8AI score0.99957EPSS
In wildExploits1References3
Microsoft CVE
Microsoft CVE
added 2024/05/25 3:41 p.m.70 views

Chromium: CVE-2024-5274 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2024-5274 exists in the wild...

9.6CVSS8.7AI score0.1002EPSS
Exploits3
OSV
OSV
added 2023/12/26 10:29 a.m.16 views

MGASA-2023-0355 New chromium-browser-stable 120.0.6099.129 fixes bugs and vulnerabilities

The chromium-browser-stable package has been updated to the 120.0.6099.129 release, fixing bugs and 20 vulnerabilities, together with 120.0.6099.109, 120.0.6099.71 and 120.0.6099.62; some of them are listed below. High CVE-2023-6508: Use after free in Media Stream. Reported by Cassidy...

8.8CVSS8.3AI score0.43238EPSS
Exploits3References7
OSV
OSV
added 2023/06/01 9:15 p.m.5 views

CVE-2023-27640

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter type in the /tshirtecommerce/fonts.php endpoint, to allow a remote attacker to traverse directories on the system in order to open files...

7.5CVSS5.8AI score0.03573EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.7 views

PT-2023-2243

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to an elevation-of-privilege vulnerability in the Windows Common Log File System CLFS Driver. This vulnerability allows attackers to affect...

7.8CVSS9.2AI score0.48973EPSS
Exploits10References80
ATTACKERKB
ATTACKERKB
added 2022/10/19 12:0 a.m.53 views

CVE-2016-20017

D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS5.4AI score0.6043EPSS
In wildExploits1References4
The Hacker News
The Hacker News
added 2022/03/26 2:11 a.m.236 views

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine. An...

8.8CVSS1AI score0.24237EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/09/25 6:39 a.m.232 views

Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a...

9.6CVSS0.2AI score0.70435EPSS
Exploits12
ArchLinux
ArchLinux
added 2021/03/13 12:0 a.m.199 views

[ASA-202103-9] chromium: arbitrary code execution

Arch Linux Security Advisory ASA-202103-9 ========================================= Severity: High Date : 2021-03-13 CVE-ID : CVE-2021-21191 CVE-2021-21192 CVE-2021-21193 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1683 Summary =======...

8.8CVSS1.5AI score0.0987EPSS
Exploits3References8
Mageia
Mageia
added 2016/12/05 9:49 p.m.69 views

Updated thunderbird packages fix security vulnerabilities

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash CVE-2016-5296. The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This...

9.8CVSS1AI score0.87598EPSS
Exploits18References6
Rows per page
Query Builder