Lucene search
K

486663 matches found

RedHat Linux
RedHat Linux
added 2026/06/10 6:33 a.m.18 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS5.7AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 6:9 a.m.13 views

firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some ...

8.1CVSS5.7AI score0.00384EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/06/10 5:8 a.m.13 views

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers Protobuf, that, if successfully exploited, could result in remote code execution RCE and denial-of-service DoS attacks. "In affected environments, a...

8.7CVSS6.7AI score0.00587EPSS
Exploits0
OSV
OSV
added 2026/06/10 5:7 a.m.7 views

MGASA-2026-0188 Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6AI score0.00559EPSS
Exploits7References10
GithubExploit
GithubExploit
added 2026/06/10 4:17 a.m.109 views

Exploit for Out-of-bounds Write in Mediatek Lr12A

CVE-2024-20154: NB-IoT SIB1-NB Stack Overflow in MediaTek MT67...

8.8CVSS8.1AI score0.03945EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.9 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

5.4CVSS6AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.9 views

CVE-2026-36723

An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem. This enables unauthorized access to...

8.8CVSS6.5AI score0.00998EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 2:37 a.m.6 views

CVE-2026-34993

A flaw was found in AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python. An attacker could exploit this vulnerability by providing untrusted input to the CookieJar.load function. This could potentially lead to arbitrary code execution, allowing the attacker to run malicio...

7.3CVSS5.8AI score0.00128EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/10 2:32 a.m.9 views

SUSE CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

8.8CVSS6AI score0.00232EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:32 a.m.7 views

SUSE CVE-2026-11637

Use after free in Views in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11639

Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00275EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.6 views

SUSE CVE-2026-11641

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00275EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11643

Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS6AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.6 views

SUSE CVE-2026-11644

Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

7.5CVSS6AI score0.00202EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.8 views

SUSE CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.01654EPSS
Exploits4References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11646

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00314EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.6 views

SUSE CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00314EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.7 views

SUSE CVE-2026-11651

Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

9.6CVSS6AI score0.00337EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.8 views

SUSE CVE-2026-11657

Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00252EPSS
Exploits0References3
Rows per page
Query Builder