CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

80 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в chromium

A heap buffer overflow in the Web Audio API in Google Chrome prior to version 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.5AI score0.00136EPSS

Exploits0References2

Positive Technologies•added 2026/05/14 12:0 a.m.•8 views

PT-2026-41053

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An out of bounds write in WebAudio allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. An out of bounds write occurs when a program writes...

8.8CVSS6.3AI score0.00148EPSS

Exploits0References84

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-8477

Malware in sbrugna...

5CVSS7.8AI score0.01542EPSS

Exploits0References20

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-1377

Malware in sbrugna...

4.3CVSS9.4AI score0.00602EPSS

Exploits0References16

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2015-4497

Malware in sbrugna...

10CVSS9.2AI score0.0291EPSS

Exploits0References16

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-3192

Malware in sbrugna...

5CVSS9.3AI score0.02166EPSS

Exploits0References16

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-6918

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.02108EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2023-23501

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.00136EPSS

Exploits0References6

RedhatCVE•added 2025/03/22 11:20 a.m.•7 views

CVE-2024-8060

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.contenttype and allows user-controlled filenames, leading to a path traversal vulnerability...

8.1CVSS7.9AI score0.02108EPSS

Exploits0References1

Github Security Blog•added 2025/03/20 12:32 p.m.•14 views

Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions

8.1CVSS7.7AI score0.02108EPSS

Exploits0References4Affected Software1

OSV•added 2025/03/20 12:32 p.m.•4 views

GHSA-FF5C-56M7-VC75 Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions

8.1CVSS8.1AI score0.02108EPSS

Exploits0References4

NVD•added 2025/03/20 10:15 a.m.•6 views

CVE-2024-8060

8.1CVSS0.02108EPSS

Exploits0References1

CVE•added 2025/03/20 10:9 a.m.•70 views

CVE-2024-8060

OpenWebUI 0.3.0 is affected by a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows arbitrary file upload due to insufficient validation of file.content_type and user-controlled filenames, enabling path traversal. An authenticated user could overwrite critical files ...

8.1CVSS8.4AI score0.02108EPSS

Exploits0References1

CNNVD•added 2025/03/20 12:0 a.m.•1 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A code issue vulnerability exists in Open WebUI version 0.3.0, which stems from the audio API endpoint /audio/api/v1/transcriptions allowing arbitrary file uploads, which could lead to path...

8.1CVSS8.4AI score0.02108EPSS

Exploits0References1

Veracode•added 2023/03/18 1:47 p.m.•32 views

Denial Of Service (DoS)

Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the heap buffer overflow in the Web Audio API, which allows an attacker to potentially exploit heap corruption via a crafted HTML page, leading to an application crash...

8.8CVSS8.8AI score0.00136EPSS

Exploits0References3Affected Software2

Tenable Nessus•added 2023/03/14 12:0 a.m.•42 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0068-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0068-1 advisory. - Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a...

8.8CVSS7.5AI score0.00385EPSS

Exploits7References50

Microsoft CVE•added 2023/03/13 7:0 a.m.•36 views

Chromium: CVE-2023-1222 Heap buffer overflow in Web Audio API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.7AI score0.00136EPSS

Exploits0

Kaspersky•added 2023/03/13 12:0 a.m.•42 views

KLA48544 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Policy enforcement...

8.8CVSS9AI score0.00385EPSS

Exploits7References23

CNVD•added 2023/03/13 12:0 a.m.•51 views

Google Chrome Web Audio API component buffer overflow vulnerability

Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in versions prior to Google Chrome 111.0.5563.64, which stems from a boundary error in the Web Audio API component when handling untrusted input. A remote attacker could exploit this vulnerability to cause hea...

8.8CVSS2.5AI score0.00136EPSS

Exploits0References1

SUSE CVE•added 2023/03/09 3:53 a.m.•1 views

SUSE CVE-2023-1222

Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS9.3AI score0.00136EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by