Lucene search
K

477 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.6 views

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.8AI score0.00207EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/14 7:52 p.m.8 views

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.8AI score0.00207EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 7:52 p.m.37 views

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00207EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/05/14 7:52 p.m.10 views

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 7:52 p.m.11 views

EUVD-2026-30428

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.10 views

PT-2026-41044

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in the Human Interface Device HID component allows a remote attacker to potentially perform a sandbox escape. This occurs when a user is convinced to perform...

8.8CVSS5.8AI score0.00498EPSS
Exploits0References84
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a reuse issue in the HID component after release, which could allow remote attackers to exploit the situation by...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/06 6:23 p.m.9 views

CVE-2026-43136

A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the logitech-hidpp driver. A remote attacker, by connecting a specially crafted Universal Serial Bus USB device, could send malformed HID report descriptors that lack valid fields. This could lead to ...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.8 views

EUVD-2026-27696

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidppgetreportlength Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be...

5.7AI score0.00128EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.30 views

CVE-2026-43152 HID: hid-pl: handle probe errors

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

0.00128EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37591

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Fake USB devices can send report descriptors that bypass the input mapping hook. This causes the pm-input ep82 variable to remain NULL, which can lead to a system crash. This issue is...

5.5CVSS5.8AI score0.00123EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/04 9:18 a.m.11 views

CVE-2026-6534

A flaw was found in Wireshark. A remote attacker could exploit this vulnerability by crafting a malicious USB Human Interface Device HID protocol packet. This could lead to an infinite loop in the dissector, causing a denial of service DoS condition, making the application unresponsive. Mitigatio...

5.5CVSS5.8AI score0.0018EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:15 p.m.5 views

CVE-2026-43051

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix out-of-bounds read in wacomintuosbtirq The wacomintuosbtirq function processes Bluetooth HID reports without sufficient bounds checking. A maliciously crafted short report can trigger an out-of-bounds read when...

8.1CVSS5.8AI score0.00255EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.34 views

CVE-2026-43048 HID: core: Mitigate potential OOB by removing bogus memset()

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

8.8CVSS0.00241EPSS
Exploits0References3
OSV
OSV
added 2026/05/01 2:15 p.m.2 views

CVE-2026-43047 HID: multitouch: Check to ensure report responses match the request

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Check to ensure report responses match the request It is possible for a malicious or clumsy device to respond to a specific report's feature request using a completely different report ID. This can cause confusio...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/01 2:11 a.m.11 views

SUSE CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.0018EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/30 5:36 a.m.13 views

CVE-2026-6534 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.1AI score0.0018EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:36 a.m.6 views

EUVD-2026-26341

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.1AI score0.0018EPSS
Exploits1References2
CVE
CVE
added 2026/04/30 5:36 a.m.30 views

CVE-2026-6534

CVE-2026-6534 affects Wireshark’s USB HID protocol dissector, where inputs from affected USB HID data can trigger an infinite loop in Wireshark versions 4.6.0–4.6.4 and 4.4.0–4.4.14, leading to a denial of service. The CVSS 3.1 base score is 5.5 (MEDIUM) with a LOCAL attack vector, LOW attack com...

5.5CVSS5.1AI score0.0018EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/30 5:36 a.m.42 views

CVE-2026-6534 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS0.0018EPSS
Exploits1References2
Rows per page
Query Builder