4329 matches found
CVE-2026-8247
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1 up to and...
EUVD-2026-40464
Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...
CVE-2026-13884
Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Medium...
CVE-2026-13850
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...
DEBIAN-CVE-2026-13778
Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...
CVE-2026-13778
Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...
CVE-2026-13884
Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Medium...
CVE-2026-13850
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...
CVE-2026-13778
CVE-2026-13778 is a use-after-free vulnerability in WebUSB in Google Chrome on macOS, allowing a local attacker to execute arbitrary code via a malicious peripheral. Affected product: Google Chrome (Mac) prior to version 150.0.7871.47. The issue stems from a WebUSB use-after-free condition; explo...
rrdtool: rrdtool: Stack buffer overflow allows local code execution or denial of service
A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2026-13037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted...
CVE-2026-53192
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. A race condition can occur during the release of a timer object, specifically when the SNDRVTIMERIOCTLPARAMS ioctl is called concurrently. This can lead to a use-after-free vulnerability, potentially...
DEBIAN-CVE-2026-13037
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13037
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13037
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13037
CVE-2026-13037 is a use-after-free vulnerability in WebView for Android within Google Chrome, before version 149.0.7827.197. The flaw allows a local attacker to run arbitrary code inside the sandbox via a crafted HTML page. Affected component: WebView in Chrome on Android; root cause: use-after-f...
CVE-2026-54328
Pi is a minimal terminal coding harness. From 0.74.0 until 0.78.1, Pi versions with temporary npm or git extension package installs used predictable paths under the operating system temporary directory. On Linux-based multi-user systems, a local attacker who can write to the shared temporary...
CVE-2023-54353
Chromacam 4.0.3.0 contains an unquoted service path vulnerability in the PsyFrameGrabberService that allows local attackers to execute arbitrary code by placing malicious executables in unquoted path directories. Attackers with write access to C:\ or subdirectories like C:\Program Files...
CVE-2016-20095
Matrix42 Remote Control Host 3.20.0031 contains an unquoted service path vulnerability in the FastViewerRemoteService and FastViewerRemoteProxy services that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can place a malicious executable in the Program Files...
CVE-2020-37250
TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during servi...