Lucene search
K

236 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.32 views

Google Chrome < 150.0.7871.46 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 150.0.7871.46. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0175352312 advisory. - Use after free in V8 in Google Chrome prior to 150.0.7871.46 allow...

10CVSS6.5AI score0.00479EPSS
Exploits0References867
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.8 views

Google Chrome < 150.0.7871.46 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 150.0.7871.46. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0175352312 advisory. - Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed...

10CVSS6.5AI score0.00479EPSS
Exploits0References867
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-13950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially...

5.3CVSS6.2AI score0.0029EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13950

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.0029EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13950

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0029EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54152

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the GPU component on Windows allows a remote attacker who has already compromised the renderer process to obtain potentially sensitive...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
ATTACKERKB
ATTACKERKB
added 2026/06/26 3:18 p.m.8 views

CVE-2026-45195

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:32 p.m.10 views

EUVD-2026-38809

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...

8.6CVSS5.8AI score0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 11:53 a.m.3 views

CVE-2026-56272 Flowise - Insufficient Password Salt Rounds in Bcrypt Hashing

Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...

5.6CVSS5.9AI score0.00073EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 11:53 a.m.9 views

EUVD-2026-38748

Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database...

5.6CVSS5.8AI score0.00073EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 11:16 p.m.22 views

CVE-2026-54235

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...

6.9CVSS0.00261EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.7 views

SUSE CVE-2026-12469

Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.3AI score0.00186EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 9:57 p.m.34 views

CVE-2026-41158 GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

0.00118EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 9:48 p.m.14 views

CVE-2026-41155

The CVE-2026-41155 entry describes a vulnerability in GPU DDK where shared secure memory allocations are mapped into all GPU virtual address spaces, enabling cooperative data transfer between secure GPU processes and potential disruption of others, causing image corruption or GPU hardware recover...

5.5CVSS5.4AI score0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.21 views

PT-2026-49022

Name of the Vulnerable Software and Affected Versions Imagination Graphics DDK affected versions not specified Description A web page containing unusual WebGPU content loaded into the GPU GLES render process can trigger an out-of-bound write in the GPU user-space driver. This occurs because the...

9.8CVSS5.3AI score0.00358EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-49020

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Software installed and run as a non-privileged user may perform intentional GPU sparse memory API calls to cause an out-of-bounds write in the kernel. This occur...

5.2AI score0.00328EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 10:16 p.m.4 views

DEBIAN-CVE-2026-12010

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00272EPSS
Exploits0References1
Lenovo
Lenovo
added 2026/06/09 3:1 p.m.26 views

NVIDIA GPU Display Driver and vGPU Software Vulnerabilities - Lenovo Support US

No description provided...

5.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/08 6:27 p.m.14 views

CVE-2026-46309

A flaw was found in the Linux kernel's drm/xe/uapi component. This vulnerability allows a Graphics Processing Unit GPU using cohnone coherency mode to bypass CPU caches and read stale sensitive data directly from Dynamic Random-Access Memory DRAM. This can lead to information disclosure, where da...

7CVSS5.5AI score0.00125EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/08 2:58 p.m.14 views

EUVD-2026-35083

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...

7.1CVSS5.5AI score0.00116EPSS
Exploits0References1
Rows per page
Query Builder