Lucene search
K

4227 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.11 views

Chromium: CVE-2026-10888 Use after free in Cast Streaming

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.4AI score0.00187EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34551

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00187EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.17 views

PT-2026-46984

Name of the Vulnerable Software and Affected Versions TP-Link Tapo C520WS v2 Description A denial-of-service issue exists in the RTSP server component due to improper handling of syntactically invalid input. An attacker can send crafted inputs to trigger a processing error, causing the RTSP servi...

7.1CVSS5.8AI score0.00206EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.8 views

TP-Link Tapo C520WS 安全漏洞

The TP-Link Tapo C520WS is a WiFi camera produced by the TP-Link company. The TP-Link Tapo C520WS v2 has a security vulnerability, which stems from the improper handling of invalid syntax inputs by the RTSP server component, potentially leading to a denial-of-service attack...

7.1CVSS5.3AI score0.00206EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-10888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via maliciou...

8.8CVSS6.1AI score0.00187EPSS
Exploits0References2
Zero Science Lab
Zero Science Lab
added 2026/06/05 12:0 a.m.48 views

Lyrion Music Server 9.2.0 (search.*) Multiple Script Insertions

Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...

6.1CVSS5.4AI score0.00158EPSS
Exploits2
OSV
OSV
added 2026/06/04 11:16 p.m.6 views

DEBIAN-CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS6AI score0.00187EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:16 p.m.9 views

CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS0.00187EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:3 p.m.7 views

CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

6.2AI score0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:3 p.m.35 views

CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

0.00187EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:3 p.m.38 views

CVE-2026-10888

CVE-2026-10888 affects Cast Streaming in Google Chrome, prior to version 149.0.7827.53. Description: use-after-free in Cast Streaming could be triggered by malicious network traffic on the local network segment, enabling arbitrary code execution. Severity: Critical; attack vector: adjacent (local...

8.8CVSS6.2AI score0.00187EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:3 p.m.8 views

CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS6AI score0.00187EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/04 11:58 a.m.11 views

CVE-2026-44353

A flaw was found in Streamlink. Its HLS HTTP Live Streaming and DASH Dynamic Adaptive Streaming over HTTP parsers do not properly validate the URI Uniform Resource Identifier scheme of segment entries. A remote attacker could craft a malicious HLS playlist or DASH manifest to include local file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References2
OSV
OSV
added 2026/06/03 9:16 a.m.28 views

USN-8344-3 python-pip vulnerability

USN-8344-1 introduced a regression in pip. This update provides a complete fix for this issue.. We apologize for the inconvenience. Original advisory details: It was discovered that pip's bundled urllib3 library improperly handled streaming decompression of highly compressed data. A remote attack...

8.9CVSS6.8AI score0.00622EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/06/03 9:16 a.m.14 views

USN-8344-3: pip vulnerability

USN-8344-1 introduced a regression in pip. This update provides a complete fix for this issue.. We apologize for the inconvenience. Original advisory details: It was discovered that pip's bundled urllib3 library improperly handled streaming decompression of highly compressed data. A remote attack...

8.9CVSS6.8AI score0.00622EPSS
Exploits0
NVD
NVD
added 2026/06/02 5:16 p.m.14 views

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS0.00305EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/02 4:13 p.m.12 views

EUVD-2026-33978

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/02 4:13 p.m.9 views

CVE-2026-1871 Authenticated Stack-based Buffer Overflow in RTSP Authentication of Tapo C200

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS6.1AI score0.00305EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/02 4:13 p.m.38 views

CVE-2026-1871 Authenticated Stack-based Buffer Overflow in RTSP Authentication of Tapo C200

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS0.00305EPSS
Exploits0References4
Hacker One
Hacker One
added 2026/06/02 9:49 a.m.24 views

curl: RTSP Digest auth state leaks across origins on reused libcurl easy handle

Summary When a reused libcurl easy handle first authenticates to one RTSP origin with Digest authentication and is then switched to a different RTSP origin, libcurl can send the old origin's Digest authentication state to the new origin. The second RTSP server does not need to send a...

5.8AI score
Exploits0
Rows per page
Query Builder