Lucene search
K

483 matches found

EUVD
EUVD
added 2 days ago8 views

EUVD-2026-42485

Out of bounds read and write in Codecs in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: High...

6AI score0.00187EPSS
Exploits0References3
CVE
CVE
added 3 days ago11 views

CVE-2026-15114

CVE-2026-15114 affects Google Chrome’s Codecs component, with out-of-bounds read/write that can lead to heap corruption via a specially crafted video file. Affected software: Google Chrome prior to version 150.0.7871.115. The Chromium/vulnerability notes describe a remote attacker could potential...

8.8CVSS6AI score0.00187EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-56633

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description An out-of-bounds read and write issue exists within the Codecs component. This flaw allows a remote attacker to potentially trigger heap corruption, which occurs when a program writes...

6AI score0.00187EPSS
Exploits0References5
OSV
OSV
added 5 days ago4 views

OESA-2026-2828 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A use-after-free...

6.5CVSS6.1AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40544

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.38 views

CVE-2026-36911

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.37 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00343EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 12:0 a.m.11 views

CVE-2026-36909

Summary of CVE-2026-36909 (MPC-BE): A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function in Aleksoid1978 MPC-BE prior to commit 4341cb3 allows a crafted MP4 file to trigger a Denial of Service. Affected component: MPC-BE (Aleksoid1978). Root cause: NULL pointer dereference in Get...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS0.00276EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

UBUNTU-CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.24 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

0.00276EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.16 views

CVE-2026-13858

CVE-2026-13858 involves an out-of-bounds read in FFmpeg when used by Google Chrome prior to version 150.0.7871.47. The vulnerability could allow a remote attacker to read process memory via a crafted video file, with the impact described as high confidentiality risk and no changes to integrity/av...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Using “after free” in Codecs in Google Chrome before version 147.0.7727.101 allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted video file. Chromium security severity: High...

4.3CVSS6.6AI score0.00221EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out-of-bounds memory read via a crafted video file. Chromium security severity: Low...

8.1CVSS7.3AI score0.00189EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Chromium

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

8.8CVSS7.4AI score0.00195EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/23 7:53 p.m.6 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00119EPSS
Exploits0
EUVD
EUVD
added 2026/06/23 6:31 p.m.7 views

EUVD-2025-210311

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a...

6.5CVSS5.9AI score0.00245EPSS
Exploits0References3
Rows per page
Query Builder