Lucene search
K

2433 matches found

RedHat Linux
RedHat Linux
added 2026/06/16 7:18 a.m.6 views

wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark

A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...

7.5CVSS5.1AI score0.00184EPSS
Exploits2References6
Cvelist
Cvelist
added 2026/06/15 10:2 a.m.37 views

CVE-2026-34021 Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS0.00196EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 11:39 a.m.7 views

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

7.8CVSS5.5AI score0.00128EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 8:9 p.m.7 views

kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

7.8CVSS5.5AI score0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/06/09 4:22 p.m.13 views

USN-8412-1 qemu vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly handled certain responses from an iSCSI server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary...

8.2CVSS7.7AI score0.04018EPSS
Exploits10References40
RedhatCVE
RedhatCVE
added 2026/06/08 2:59 p.m.5 views

CVE-2026-40510

A flaw was found in OpenSC. A physically present attacker can exploit a stack buffer overflow vulnerability in the pivprocesshistory function by presenting a specially crafted Personal Identity Verification PIV smart card or USB device. This can lead to memory corruption within the system,...

6.8CVSS5.5AI score0.00216EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/07 4:42 a.m.10 views

SUSE CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.7 views

CVE-2026-47104

A flaw was found in libusb. This out-of-bounds read vulnerability allows a local attacker, particularly in virtualized environments utilizing USB passthrough, to trigger a denial of service. By providing a malformed USB descriptor, the attacker can cause the software to read beyond its allocated...

5.5CVSS5.2AI score0.0013EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.8 views

CVE-2026-47272

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.5AI score0.00119EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40851

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability...

8.4CVSS5.6AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34649

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00234EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34458

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00325EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00234EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.12 views

CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.00325EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00325EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:5 p.m.29 views

CVE-2026-11188

The connected sources confirm CVE-2026-11188 is a use-after-free in the USB handling of Google Chrome on Android, prior to version 149.0.7827.53, enabling a remote attacker to potentially escape the sandbox via a crafted HTML page. Affected software: Google Chrome on Android; vulnerable component...

8.8CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00234EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.33 views

CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00325EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.25 views

CVE-2026-11009

CVE-2026-11009 is a use-after-free vulnerability in Chrome’s USB handling on Windows prior to 149.0.7827.53 that could allow a remote attacker to escape the sandbox via a crafted HTML page. The issue is reported for Chromium-based Chrome (severity: Medium) and is treated as a high-severity, high-...

9.6CVSS5.8AI score0.00325EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/04 1:4 p.m.7 views

kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

9.8CVSS6.3AI score0.00311EPSS
Exploits0References5
Rows per page
Query Builder