Lucene search
K

5222 matches found

CVE
CVE
added 5 days ago57 views

CVE-2026-13933

CVE-2026-13933 concerns insufficient policy enforcement in the Passwords feature of Google Chrome, prior to version 150.0.7871.47. A remote attacker who has already compromised the renderer process could exfiltrate potentially sensitive data from process memory via a crafted HTML page. The CVE is...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-13914

Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

5.5CVSS5.8AI score0.00113EPSS
Exploits0
CVE
CVE
added 5 days ago13 views

CVE-2026-13905

Chrome for iOS on Google Chrome (iOS) is affected by a race in versions prior to 150.0.7871.47, allowing a local attacker with physical access to potentially read confidential data from process memory. The issue is documented across CVE-2026-13905 and EUVD-2026-40591. Remediation is to upgrade to...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago21 views

CVE-2026-13879

Use after free in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Medium...

0.00156EPSS
Exploits0References2
Debian CVE
Debian CVE
added 5 days ago3 views

CVE-2026-13879

Use after free in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00156EPSS
Exploits0
Debian CVE
Debian CVE
added 5 days ago3 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0
Cvelist
Cvelist
added 5 days ago21 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

0.00276EPSS
Exploits0References2
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-13819

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.8AI score0.00308EPSS
Exploits0
OSV
OSV
added 5 days ago2 views

UBUNTU-CVE-2026-58013

A flaw was found in GLib. A buffer over-read can occur in giochannelreadlinebackend in the giochannel.c file when a custom line terminator with a length greater than one is set, causing memcmp to read past the GString buffer. This vulnerability can cause a minor information disclosure of 7 bytes ...

8.2CVSS5.9AI score0.00329EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-54246

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the Media component allows a remote attacker who has already compromised the renderer process to retrieve potentially sensitive information from process memory...

5.3CVSS6AI score0.00271EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 5 days ago4 views

PT-2026-54217

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the Cast component allows an attacker on the local network segment to obtain potentially sensitive information from process memory by sending malicious network...

6.5CVSS5.9AI score0.00147EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-54226

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the GPU component allows a remote attacker who has already compromised the renderer process to retrieve potentially sensitive information from process memory. Th...

5.3CVSS6AI score0.0029EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-54365

Name of the Vulnerable Software and Affected Versions Google Chrome on ChromeOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the CameraCapture component allows a remote attacker to perform an out-of-bounds memory read, which occurs when a user visits a...

9.8CVSS6AI score0.00253EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 6 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-57437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document...

6.3CVSS6.1AI score0.00312EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.6 views

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0
NVD
NVD
added 2026/06/26 10:16 p.m.9 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

4.6CVSS0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 9:25 p.m.8 views

CVE-2026-57437

A flaw was found in Nokogiri, an XML and HTML library for Ruby. This vulnerability occurs when an application directly constructs an XPathContext and allows its associated document to be garbage collected while the context is still in use. An attacker could potentially exploit this by causing the...

6.3CVSS5.6AI score0.00312EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 10:41 a.m.5 views

EUVD-2026-39645

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00172EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.4 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

4.6CVSS6AI score0.00113EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 12:0 a.m.21 views

CVE-2026-38571

Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 V603 allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write...

0.00113EPSS
Exploits0References1
Rows per page
Query Builder