Lucene search
+L

567 matches found

EUVD
EUVD
added 2026/05/06 9:31 p.m.7 views

EUVD-2026-27989

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:49 p.m.5 views

CVE-2026-44111

OpenClaw before 2026.4.15 contains an arbitrary file read vulnerability in the QMD backend memoryget function that allows callers to read any Markdown files within the workspace root. Attackers with access to the memory tool can bypass path restrictions by providing arbitrary workspace Markdown...

4.3CVSS5.9AI score0.00226EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 7:16 p.m.8 views

CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00176EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 6:13 p.m.7 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00163EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 6:13 p.m.45 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

0.00163EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/05/06 6:13 p.m.9 views

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00163EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.10 views

CVE-2026-7964

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.24 views

CVE-2026-7964

CVE-2026-7964 involves Chrome before 148.0.7778.96, where insufficient validation of untrusted input in the FileSystem component allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. The issue is rooted in inadequate input vali...

4.2CVSS6AI score0.00176EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.35 views

CVE-2026-7950

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

0.00171EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/05/06 6:12 p.m.12 views

CVE-2026-7950

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. Chromium security severity: Medium...

5.4CVSS6AI score0.00171EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.11 views

CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

6AI score0.00153EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 6:12 p.m.7 views

CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

6AI score0.00153EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.62 views

CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

0.00153EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.28 views

CVE-2026-7912

CVE-2026-7912 refers to an integer overflow in the GPU component of Google Chrome on Android before 148.0.7778.96. The issue allows a remote attacker who has already compromised the renderer process to perform arbitrary read/write via a crafted HTML page, potentially impacting confidentiality and...

4.2CVSS6AI score0.00153EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.13 views

RHCOS 4 : OpenShift Container Platform 4.6.17 (RHSA-2021:0423)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0423 advisory. - ant: insecure temporary file vulnerability CVE-2020-1945 - ant: insecure temporary file CVE-2020-11979 - jenkins: Arbitrary file...

8CVSS6.8AI score0.08235EPSS
Exploits0References29
Cvelist
Cvelist
added 2026/05/05 11:25 a.m.43 views

CVE-2026-43533 OpenClaw < 2026.4.10 - Arbitrary Local File Read via QQBot Media Tags

OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended media storage boundary. Attackers can craft malicious reply text containing media tags to disclose arbitrary local files through...

8.9CVSS0.00369EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.20 views

PT-2026-38182

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient data validation in DataTransfer allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML page...

9.6CVSS6AI score0.00344EPSS
Exploits0References136
RedhatCVE
RedhatCVE
added 2026/05/01 8:48 p.m.8 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS5.9AI score0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/05/01 12:0 p.m.7 views

RUSTSEC-2026-0117 Fragile bounds check when sampling from image

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

5.9AI score
Exploits0References2
NVD
NVD
added 2026/04/30 9:16 p.m.17 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS0.00104EPSS
Exploits0References1
Rows per page
Query Builder