Lucene search
K

5260 matches found

Nuclei
Nuclei
added 15 hours ago41 views

Citrix Netscaler ADC & Gateway - Out-Of-Bounds Memory Read

The vulnerability would enable an attacker to remotely obtain sensitive information from a NetScaler appliance configured as a Gateway or AAA virtual server via a very commonly connected Web interface, and without requiring authentication. This bug is nearly identical to the Citrix Bleed...

8.2CVSS7AI score0.57633EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday32 views

CVE-2026-60103 Blender 3.0.0 - 5.1.2 Out-of-Bounds Read via crafted .blend SDNA block

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS
Exploits0References3
NVD
NVD
added yesterday7 views

CVE-2026-9492

The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...

8.5CVSS0.00109EPSS
Exploits0References2
CVE
CVE
added yesterday20 views

CVE-2026-9492

CVE-2026-9492 affects Gigabyte Control Center (GCC) MBStorage DRAM lighting control module. The vulnerability resides in the MyPortIO_x64.sys driver, where improper access control allows authenticated local attackers to issue IOCTL commands that can read and write physical memory, leading to kern...

8.5CVSS6.1AI score0.00109EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-57918

Name of the Vulnerable Software and Affected Versions Crypt::OpenSSL::X509 versions prior to 2.1.3 Description A heap out-of-bounds read occurs when processing a long certificate extension Object Identifier OID in hv exts. This happens during the construction of the extension hash through the...

6.1AI score
Exploits0References6
NVD
NVD
added 4 days ago7 views

CVE-2026-55882

Tilt defines dev environments as code for microservice apps on Kubernetes. From 0.19.5 through 0.37.3, the Tilt HUD server mounts Go net/http/pprof handlers under /debug with no access control. When the HUD or apiserver listener is network-exposed, an unauthenticated caller can read process memor...

8.3CVSS0.00384EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42480

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

6AI score0.00125EPSS
Exploits0References3
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-42481

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6AI score0.00215EPSS
Exploits0References3
NVD
NVD
added 6 days ago6 views

CVE-2026-15108

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

4.3CVSS0.00125EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-15108

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

6AI score0.00125EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-15108

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

4.3CVSS6AI score0.00125EPSS
Exploits0
RedHat Linux
RedHat Linux
added 6 days ago4 views

gstreamer1-plugins-ugly-free: GStreamer: Out-of-bounds read in RealMedia demuxer FILEINFO metadata parser

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS5.9AI score0.00221EPSS
Exploits0References4
NVD
NVD
added 6 days ago8 views

CVE-2026-57237

When the application opens a PDF and JavaScript modifies the properties of form fields, it causes the state of the underlying objects referenced by the program to become invalid. Eventually, it reads an illegal memory address, which leads to the crash of the application...

7.8CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42126

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary userid parameters or...

9.8CVSS6AI score0.00498EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 6 days ago6 views

PT-2026-56628

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description An uninitialized use in ANGLE allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update Google Chrom...

8.8CVSS6AI score0.00306EPSS
Exploits0References35
CVE
CVE
added 2026/07/07 10:11 p.m.22 views

CVE-2026-59705

CVE-2026-59705 concerns mem0’s openmemory/api component, where an unauthenticated access flaw allows reading, writing, and deleting arbitrary user memories via API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory ret...

9.8CVSS6AI score0.00498EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/07 4:2 p.m.12 views

CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/07 4:2 p.m.37 views

CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS0.0017EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 4:2 p.m.16 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation via the KernCoreLib64.sys kernel driver. An attacker with local access can use exposed IOCTL handlers to perform arbitrary physical memory read/write and unrestricted I/O port operations without administrator privileges. This can enable ma...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 12:31 a.m.11 views

EUVD-2026-41193

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00224EPSS
Exploits0References3
Rows per page
Query Builder