477 matches found
CVE-2026-8515
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8515
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8515
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8515
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-30428
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
PT-2026-41044
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description A use after free issue in the Human Interface Device HID component allows a remote attacker to potentially perform a sandbox escape. This occurs when a user is convinced to perform...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a reuse issue in the HID component after release, which could allow remote attackers to exploit the situation by...
CVE-2026-43136
A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the logitech-hidpp driver. A remote attacker, by connecting a specially crafted Universal Serial Bus USB device, could send malformed HID report descriptors that lack valid fields. This could lead to ...
EUVD-2026-27696
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidppgetreportlength Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be...
CVE-2026-43152 HID: hid-pl: handle probe errors
In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...
PT-2026-37591
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Fake USB devices can send report descriptors that bypass the input mapping hook. This causes the pm-input ep82 variable to remain NULL, which can lead to a system crash. This issue is...
CVE-2026-6534
A flaw was found in Wireshark. A remote attacker could exploit this vulnerability by crafting a malicious USB Human Interface Device HID protocol packet. This could lead to an infinite loop in the dissector, causing a denial of service DoS condition, making the application unresponsive. Mitigatio...
CVE-2026-43051
In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix out-of-bounds read in wacomintuosbtirq The wacomintuosbtirq function processes Bluetooth HID reports without sufficient bounds checking. A maliciously crafted short report can trigger an out-of-bounds read when...
CVE-2026-43048 HID: core: Mitigate potential OOB by removing bogus memset()
In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...
CVE-2026-43047 HID: multitouch: Check to ensure report responses match the request
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Check to ensure report responses match the request It is possible for a malicious or clumsy device to respond to a specific report's feature request using a completely different report ID. This can cause confusio...
SUSE CVE-2026-6534
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6534 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
EUVD-2026-26341
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6534
CVE-2026-6534 affects Wireshark’s USB HID protocol dissector, where inputs from affected USB HID data can trigger an infinite loop in Wireshark versions 4.6.0–4.6.4 and 4.4.0–4.4.14, leading to a denial of service. The CVSS 3.1 base score is 5.5 (MEDIUM) with a LOCAL attack vector, LOW attack com...
CVE-2026-6534 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...