Lucene search
K

486609 matches found

Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.6 views

CVE-2026-12466

Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.00426EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/17 1:38 a.m.16 views

CVE-2026-12466

Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00426EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 1:38 a.m.24 views

CVE-2026-12462

CVE-2026-12462 is a use-after-free in the Media component of Google Chrome before 149.0.7827.155. An attacker who has compromised the renderer process could trigger a crafted HTML page to execute arbitrary code inside Chrome’s sandbox. The vulnerability is tied to the Chromium-based Media stack a...

7.5CVSS6AI score0.00271EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/17 1:38 a.m.16 views

CVE-2026-12447

CVE-2026-12447 affects Google Chrome/WebRTC (Chromium). The issue is a heap buffer overflow in WebRTC that allows remote code execution via a crafted HTML page, affecting builds prior to 149.0.7827.155. Impact is a sandbox escape/total compromise of the browser process, per the cited descriptions...

8.8CVSS6.4AI score0.00417EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.5 views

CVE-2026-12447

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.00417EPSS
Exploits0
CVE
CVE
added 2026/06/17 1:38 a.m.30 views

CVE-2026-12443

CVE-2026-12443 is a use-after-free in Chrome’s Web Authentication implementation that could allow a remote attacker to execute arbitrary code via a crafted HTML page. Affected software: Google Chrome (Chromium). Underlying issue is in Web Authentication handling that leads to memory misuse. Impac...

8.8CVSS6AI score0.00601EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.7 views

CVE-2026-12443

Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00601EPSS
Exploits0
CVE
CVE
added 2026/06/17 1:38 a.m.25 views

CVE-2026-12442

The CVE-2026-12442 entry describes a use-after-free in Passwords in Google Chrome on Android before version 149.0.7827.155, allowing a remote attacker to execute arbitrary code via a crafted HTML page (Chromium security severity: Critical). Connected sources confirm this vulnerability affects Chr...

8.8CVSS6AI score0.00387EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.8 views

CVE-2026-12442

Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00387EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.5 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.4 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/17 12:0 a.m.17 views

CVE-2026-36418

JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing attackers to execute...

0.00471EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.19 views

PT-2026-50193

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue exists in the Web Authentication component. This allows a remote attacker to execute arbitrary code by inducing the user to open a specially crafted HTML page. U...

9.6CVSS6.3AI score0.00601EPSS
Exploits0References41
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50197

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A heap buffer overflow occurs in WebRTC, which is a framework that enables real-time communication such as voice and video calls within web browsers. This issue allows a remote attacke...

9.6CVSS6.5AI score0.00601EPSS
Exploits0References41
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50192

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.155 Description A use after free issue in the Passwords component allows a remote attacker to execute arbitrary code when a user accesses a specially crafted HTML page. Use after free is a...

9.6CVSS6.2AI score0.00601EPSS
Exploits0References38
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.20 views

PT-2026-50438

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source versions prior to 1.31.2-1.1 Description An issue exists in the ngx http proxy v2 module and ngx http grpc module modules. The problem occurs when the proxy http version is set to 2 ...

9.2CVSS7AI score0.02887EPSS
Exploits1References55
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.19 views

PT-2026-50439

Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.31.0 through 1.31.1 NGINX Ingress Controller affected versions not specified NGINX Gateway Fabric affected versions not specified NGINX Instance Manager affected versions not specified Description A use-after-free...

9.2CVSS6.7AI score0.03299EPSS
Exploits3References79
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50216

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A heap buffer overflow exists in WebRTC in Google Chrome on Windows. A remote attacker can execute arbitrary code by inducing the victim to open a crafted HTML page. A heap buffer...

9.6CVSS6.6AI score0.00601EPSS
Exploits0References41
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.14 views

PT-2026-50465

Name of the Vulnerable Software and Affected Versions JimuReport versions prior to 2.3.5 Description Remote code execution is possible due to improper handling of Aviator expressions. The '/jmreport/executeSelectApi' endpoint passes user-supplied input directly to the Aviator expression engine...

9.1CVSS6.5AI score0.00471EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/06/17 12:0 a.m.30 views

Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References4
Rows per page
Query Builder