Lucene search
K

215013 matches found

SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11665

Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00217EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11679

Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.6 views

SUSE CVE-2026-11680

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00243EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.7 views

SUSE CVE-2026-11696

Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00193EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48451

A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...

7.3CVSS6AI score0.00108EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.12 views

PT-2026-48455

During an internal security assessment, a potential vulnerability was discovered in Lenovo Accessories and Display Manager for Enterprise for Windows that could allow a local authenticated user to execute arbitrary code with elevated privileges...

8.5CVSS6AI score0.00102EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.14 views

PT-2026-48560

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

5.6CVSS5.9AI score0.00148EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.6 views

Cloud Files Security Review Tool

This code performs a defensive security assessment of Windows systems by reviewing configuration elements associated with Cloud Files components, environment manipulation opportunities, temporary file exposure, and Windows Error Reporting artifacts...

5.5AI score
Exploits0
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

Dulwich 路径遍历漏洞

Dulwich is a Python-based Git repository management interface developed by Jelmer Vernooij. Versions of Dulwich from 0.10.0 to 1.2.5 contained a path traversal vulnerability. This vulnerability stemmed from the fact that the path element verifier on Windows allowed filenames that were interpreted...

8.8CVSS6AI score0.00635EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.10 views

Lenovo Smart Connect 安全漏洞

Lenovo Smart Connect is a cross-device collaboration platform developed by China’s Lenovo Corporation. There is a security vulnerability in Lenovo Smart Connect for Windows. This vulnerability stems from a potential authentication bypass, which may allow locally authenticated users to execute...

7.3CVSS5.9AI score0.00108EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

bit7z 路径遍历漏洞

bit7z is a file compression/uncompression tool developed by Riccardo as an individual project. Versions of bit7z prior to 4.0.12 contained a path traversal vulnerability. This vulnerability stemmed from a one-byte error in the SafeOutPathBuilder::restoreSymlink function, which could allow attacke...

3.6CVSS5.3AI score0.00116EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48410

Name of the Vulnerable Software and Affected Versions Ghidra versions prior to 12.1 Description On Windows, improper escaping of cmd.exe metacharacters in URL annotation handling allows for command injection. This occurs when malicious URLs are embedded in program comments; if a user clicks these...

8.4CVSS5.7AI score0.00503EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48534

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink allows an attacker to craft a .7z archive that, when extracted with bit7z on any non-Windows platform,...

3.6CVSS5.5AI score0.00116EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : git (EulerOS-SA-2026-2331)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a...

7.4CVSS5.5AI score0.00268EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

TrueConf Windows Client < 8.5.3.884 Download of Code Without Integrity Check Vulnerability (CVE-2026-3502)

The version of TrueConf Windows Client installed on the remote host is prior to 8.5.3.884. It is, therefore, affected by a vulnerability: — A remote code execution vulnerability exists in the TrueConf Client update mechanism due to lack of cryptographic verification of update packages. An...

7.8CVSS7.2AI score0.0575EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : git (EulerOS-SA-2026-2288)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a...

7.4CVSS5.5AI score0.00268EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.28 views

OpenVPN ovpn-dco-win 安全漏洞

OpenVPN ovpn-dco-win is a virtual network adapter for Windows developed by OpenVPN. There are security vulnerabilities in versions 2.0.0 to 2.8.3 of OpenVPN ovpn-dco-win. These vulnerabilities stem from errors in buffer size calculations by the epoch key generator, which may allow remotely...

5.6CVSS5.8AI score0.00148EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2026/06/09 10:7 p.m.15 views

A Record-Breaking Patch Tuesday for June 2026

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and...

7.5CVSS6.1AI score0.48438EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.11 views

CVE-2026-39908

OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...

7.1CVSS5.5AI score0.00314EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:31 p.m.9 views

EUVD-2026-35529

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.4AI score0.00662EPSS
Exploits0References2
Rows per page
Query Builder