Lucene search
K

660 matches found

NVD
NVD
added 4 days ago5 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

7.8CVSS0.00155EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-41154

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

7.8CVSS0.00167EPSS
Exploits0References1
CVE
CVE
added 4 days ago8 views

CVE-2026-45203

The CVE-2026-45203 entry concerns a TOCTOU issue in GPU DDK software used inside a Host VM. CVE records attribute a vulnerability in the rgxfw_hwperf_ufo() path where the command size is re-read after initial validation, enabling improper commands to reach GPU firmware and potentially trigger a m...

7.8CVSS6.1AI score0.00116EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-43039

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation...

6.1AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-45196

CVE-2026-45196 involves GPU DDK components (rgxfw_hwperf_hw) where unsanitized pointers from host-kernel inside a Host VM enable arbitrary GPU register writes via GPU Firmware commands, leading to privilege escalation. Exploitation is described as local with low privileges and no user interaction...

7.8CVSS6.1AI score0.00142EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-41154 GPU DDK - Incorrect Index Calculation in CMA Cleanup Path of AllocOSPages_Sparse

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

0.00167EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2026/07/03 12:0 a.m.8 views

KLA91127 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A remot...

6.5AI score
Exploits0References329
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40638

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0029EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40561

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute...

7.5CVSS6.5AI score0.0031EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-14049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain...

5.3CVSS6.2AI score0.00205EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14049

Inappropriate implementation in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-13950

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.0029EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13875

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00281EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.7 views

DEBIAN-CVE-2026-13831

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:16 p.m.5 views

CVE-2026-13831

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.0031EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:16 p.m.5 views

CVE-2026-13789

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS0.00316EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14049

Inappropriate implementation in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.8AI score0.00205EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.154 views

CVE-2026-14049

CVE-2026-14049 affects Google Chrome versions with an inappropriate GPU implementation prior to 150.0.7871.47. A remote attacker who has compromised the renderer process can obtain potentially sensitive information from process memory via a crafted HTML page. Impact is described as Low severity; ...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13875

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00281EPSS
Exploits0
Rows per page
Query Builder