Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

728 matches found

NVD
NVDadded 3 days ago7 views

CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00012EPSS
Exploits0References5
EUVD
EUVDadded 3 days ago6 views

EUVD-2025-210002

A heap buffer overflow in the m2tsdmxsendpacket function filters/dmxm2ts.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS6AI score0.00012EPSS
Exploits0References3
Debian CVE
Debian CVEadded 3 days ago5 views

CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.8AI score0.00012EPSS
Exploits0
CVE
CVEadded 3 days ago9 views

CVE-2025-55664

CVE-2025-55664: A heap buffer overflow in GPAC MP4Box v2.4 affects the m2tsdmx_send_packet function (filters/dmx_m2ts.c). This can lead to Denial of Service when processing a crafted MP4 file. Connected sources confirm the vulnerable component and impact; no explicit exploitation details or activ...

5.5CVSS6AI score0.00012EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 3 days ago6 views

CVE-2025-60485

A segmentation violation in the gfisomapplesettagex function /isomedia/isomwrite.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.8AI score0.00012EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 5 days ago8 views

SUSE CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00012EPSS
Exploits0References3
EUVD
EUVDadded 6 days ago7 views

EUVD-2026-33131

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

5.8AI score0.00012EPSS
Exploits0References3
OSV
OSVadded last week2 views

DEBIAN-CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00012EPSS
Exploits0References1
NVD
NVDadded last week6 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS0.00012EPSS
Exploits0References2
Debian CVE
Debian CVEadded last week6 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00012EPSS
Exploits0
CVE
CVEadded last week9 views

CVE-2026-9989

The CVE-2026-9989 entry concerns Google Chrome’s Media component, with an inappropriate implementation that allowed a remote attacker to bypass the same-origin policy via a crafted video file. Affected software is Google Chrome prior to 148.0.7778.216; impact is the bypass of SOP, as described in...

6.3CVSS5.8AI score0.00012EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded last week3 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

5.8AI score0.00012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded last week4 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

5.8AI score0.00012EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/05/28 6:45 a.m.8 views

EUVD-2026-32733

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS5.8AI score0.00047EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.5 views

PT-2026-44198

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filter videos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS5.8AI score0.00047EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.7 views

PT-2026-44697

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An inappropriate implementation in the Media component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...

9.6CVSS5.8AI score0.00156EPSS
Exploits0References157
CNNVD
CNNVDadded 2026/05/27 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability, which was caused by improper implementation of the Media component. This vulnerability could allow remote attackers to bypass the origin policy using...

6.3CVSS5.8AI score0.00012EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/21 1:12 p.m.4 views

SUSE CVE-2026-9117

Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...

7.5CVSS5.8AI score0.00025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/21 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-9117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to...

7.5CVSS5.8AI score0.00025EPSS
Exploits0References2
NVD
NVDadded 2026/05/20 8:16 p.m.7 views

CVE-2026-9117

Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...

7.5CVSS0.00025EPSS
Exploits0References2
Rows per page
Query Builder