Lucene search
K

203 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-51821

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

9.8CVSS0.00527EPSS
Exploits0References2
CVE
CVE
added 3 days ago7 views

CVE-2026-51821

Affected software: Shenzhou Shihan Video Conference System v1.0. Vulnerability: SQL Injection in the /user/getUserLogin endpoint. Root cause: Unsafely constructed SQL queries allow an attacker to inject arbitrary SQL. Impact: Remote attacker can execute arbitrary code with the system’s privileges...

9.8CVSS6.4AI score0.00527EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-51821

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

0.00527EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/07/08 10:36 p.m.7 views

CVE-2026-15119

Race in GetUserMedia in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS6AI score0.00147EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40730

Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-14039

Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.8 views

CVE-2026-14043

Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-14043

Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14043

The vulnerability CVE-2026-14043 affects Google Chrome components handling GetUserMedia. A use-after-free in GetUserMedia could allow a remote attacker with control of the renderer process to potentially escape the sandbox via a crafted HTML page. Affected software is Chrome before build 150.0.78...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14039

Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00155EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.152 views

CVE-2026-14039

CVE-2026-14039 concerns Google Chrome’s GetUserMedia, where insufficient policy enforcement before version 150.0.7871.47 allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability affects Chrome components related to media permissions and page-origin che...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54314

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the GetUserMedia function allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Snyk
Snyk
added 2026/06/10 10:15 p.m.9 views

Timing Attack

Overview shopware/core is a Shopware platform is the core for all Shopware ecommerce products. Affected versions of this package are vulnerable to Timing Attack through the getUserEntityByUserCredentials subroutine during authentication in the admin panel. An attacker can determine valid...

6.3CVSS5.4AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 12:11 p.m.10 views

EUVD-2026-35410

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

5.4AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 3:41 a.m.24 views

CVE-2026-9185

CVE-2026-9185 affects the WordPress plugin 6Storage Rentals (versions

7.5CVSS5.5AI score0.00403EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.26 views

PT-2026-47684

Name of the Vulnerable Software and Affected Versions 6Storage Rentals versions prior to 2.22.1 Description An authorization bypass exists in the 6Storage Rentals plugin for WordPress. Unauthenticated attackers can read and modify arbitrary tenant profile data, including names, email addresses,...

7.5CVSS5.3AI score0.00403EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.23 views

PT-2026-48159

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A NULL pointer dereference occurs in the gf isom get user data count function within the isomedia/isom read.c file. This issue allows attackers to cause a Denial of Service DoS, which is a condition where a...

5.5CVSS5.2AI score0.00192EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

WordPress plugin 6Storage Rentals 安全漏洞

WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the functionality of WordPress. There is a security vulnerability in WordPress Plugin...

7.5CVSS5.9AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tapgetuserxdp function failing when short frames are rejected or the buildskb function fails,...

7.4CVSS5.3AI score0.00235EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/05 3:39 a.m.14 views

SUSE CVE-2024-50102

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References16
Rows per page
Query Builder